Screen Shot 2021-08-03 at 3.41.22 PM.png
上⾯红⾊连接线表⽰基于JWT Token的Mobile App认证⽅式,蓝⾊连线表⽰基于Session的登录⽅式。其中内部定时器或者服务也是基于JWT Token认证⽅式,只是需要内置⼀些系统⽤户。
2. 实现步骤
Screen Shot 2021-08-03 at 3.44.04 PM.png 2.3.1 JWTAuthcFilter
2.3.4 ShiroConfig
import odec.Base64;
import util.StrUtil;
import lombok.Data;
slf4j.Slf4j;
import org.apache.dential.CredentialsMatcher;
import org.apache.shiro.authc.pam.FirstSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator; import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.SecurityManager;
import org.alm.Realm;
import org.apache.is.EnterpriseCacheSessionDAO; import org.apache.is.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.CookieRememberMeManager; import org.apache.DefaultWebSecurityManager; import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.DefaultWebSessionManager; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value;
import t.annotation.Bean;
import t.annotation.Configuration;
import javax.servlet.Filter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@Configuration
@Slf4j
@Data
shiro安全框架public class ShiroConfig {
@Value("${shiro.session.timeout:1800000}")
private Long sessionTimeout;
@Value("${}")
private Integer retryLimit;
@Value("${shiro.lock}")
private Integer lockLimit;
@Value("${shiro.disabled:false}")
private boolean isDisabled;
@Value("${shiro.lock-duration}")
private Long lockDuration;
@Value("${spring.application.name}")
private String name;
@Value("${server.kie.http-only:true}")
private Boolean httpOnly;
@Value("${server.kie.secure:false}")
private Boolean secure;
@Value("${shiro.loginurl:/platform-user-service/login}")
private String loginUrl;
@Value("${shiro.overwrite.loginurl:}")
private String overWriteLoginUrl;
@Value("${shiro.jwt.urlPattern:/*}")
private String  urlPattern;
@Value("${shiro.jwt.maxAliveMinute:30}")

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。