| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- <?xml version="1.0" encoding="UTF-8"?>
- <beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"
- default-lazy-init="true">
- <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
- <property name="realm" ref="shiroDbRealm" />
- <property name="cacheManager" ref="shiroEhcacheManager" />
- <property name="sessionManager" ref="sessionManager"></property>
- </bean>
- <bean id="sessionManager"
- class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
- <property name="sessionDAO" ref="sessionDAO" />
- <property name="sessionValidationScheduler" ref="sessionValidationScheduler" />
- <property name="globalSessionTimeout" value="86400000" />
- <property name="sessionIdCookie" ref="sharesession" />
- <property name="sessionValidationSchedulerEnabled" value="true" />
- <property name="deleteInvalidSessions" value="true" />
- </bean>
- <bean id="sharesession" class="org.apache.shiro.web.servlet.SimpleCookie">
- <!-- cookie的name,对应的默认是 JSESSIONID -->
- <constructor-arg name="name" value="SHAREJSESSIONID_PROJECTS" />
- <!-- jsessionId的path为 / 用于多个系统共享jsessionId -->
- <property name="path" value="/" />
- <property name="httpOnly" value="true" />
- <!-- <property name="domain" value=".nrbang.net" /> -->
- </bean>
-
- <bean id="sessionDAO" class="com.team.security.MCSessionDAO">
- <property name="client" ref="memcachedClient"></property>
- </bean>
-
- <bean id="sessionValidationScheduler"
- class="org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler">
- <property name="interval" value="1800000" />
- <property name="sessionManager" ref="sessionManager"></property>
- </bean>
- <!-- 用户授权信息Cache, 采用EhCache -->
- <bean id="shiroEhcacheManager" class="com.team.cache.memcached.MemcachedCacheManager">
- <property name="simpleCacheManager" ref="simpleCacheManager"></property>
- </bean>
- <bean id="simpleCacheManager" class="com.team.cache.memcached.SimpleCacheManagerImpl">
- <property name="memcachedClient" ref="memcachedClient"></property>
- </bean>
- <!-- depends-on="resourceOperateDao,operateDao,resourceDao" -->
- <bean id="chainDefinitionSectionMetaSource" class="com.team.security.ChainDefinitionSectionMetaSource">
- <property name="filterChainDefinitions">
- <value>
- /html/**=authc
- /register=authc
- /login=authc
- /logout=logout
- </value>
- </property>
- </bean>
- <!-- 自定义的Filter -->
- <!-- 自定义的Realm -->
- <bean id="shiroDbRealm" class="com.team.security.ShiroDbRealm">
- <!-- <property name="client" ref="xMemcachedClient" /> -->
- <!-- depends-on="roleDao,resourceOperateDao,operateDao,resourceDao,userDao,xMemcachedClient" -->
- </bean>
- <!-- Shiro Filter -->
- <bean id="shiroFilter" class="com.team.security.EcShiroFilterFactoryBean">
- <!-- shiro的核心安全接口 -->
- <property name="securityManager" ref="securityManager" />
- <!-- 要求登录时的链接 -->
- <property name="loginUrl" value="/" />
- <!-- 登陆成功后要跳转的连接 -->
- <property name="successUrl" value="/index" />
- <!-- 未授权时要跳转的连接 -->
- <property name="unauthorizedUrl" value="/view/error/error.jsp" />
- <!-- shiro连接约束配置,在这里使用自定义的动态获取资源类 -->
- <property name="filterChainDefinitionMap" ref="chainDefinitionSectionMetaSource" />
- </bean>
- <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
- <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
- <bean
- class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
- <property name="securityManager" ref="securityManager" />
- </bean>
- </beans>
|
