//1.定义ShiroFilterFactoryBean
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager);
// 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
//登录页面(请求)
factoryBean.setLoginUrl("/login");
// 登录成功后要跳转的连接 (请求)
factoryBean.setSuccessUrl("/index");
//没有权限页面
factoryBean.setUnauthorizedUrl("/403");
//.配置拦截器
loadShiroFilterChain(factoryBean);
return factoryBean;
/**
* Shiro 内置过滤器,可以实现权限相关的拦截器
* anon:无需认证(登录)可以直接访问
* authc:必须认证才能访问
* user:如果使用rememberMe的功能才可以访问
* perms:该资源得到资源权限才可以访问
* role:该资源必须得到角色权限才可以访问
*/
filterChainMap.put("/403", "anon");
filterChainMap.put("/assets/**", "anon");
filterChainMap.put("/layui/**", "anon");
filterChainMap.put("/js/**", "anon");
filterChainMap.put("/prism/**", "anon");
/**下面这些规则配置最好配置到配置文件中*/
//LinkedHashMap有序,shiro会根据添加顺序进行拦截
Map<String, String> filterChainMap = new LinkedHashMap<String, String>();
Map<String, String> filterChainMapTemp = new LinkedHashMap<String, String>();
filterChainMap.put("/login", "anon");
filterChainMap.put("/login/check", "anon");
filterChainMap.put("/403", "anon");
filterChainMap.put("/assets/**", "anon");
filterChainMap.put("/layui/**", "anon");
filterChainMap.put("/js/**", "anon");
filterChainMap.put("/prism/**", "anon");
filterChainMap.put("/upload/**", "anon");
//给SpringBootAdmin开启权限
filterChainMap.put("/monitor/**", "anon");
filterChainMap.put("/api/**", "anon");
filterChainMap.put("/health/**", "anon");
filterChainMap.put("/favicon.icon", "anon");
filterChainMap.put("/crm/crmLogin", "anon");
//权限分配
filterChainMap.put("/admin/**", "authc");
filterChainMap.put("/role/**", "authc");
filterChainMap.put("/user/**", "authc");
filterChainMap.put("/dict/**", "authc");
filterChainMap.put("/aop/**", "authc");
filterChainMap.put("/car/**", "authc");
filterChainMap.put("/menu/**", "authc");
filterChainMap.put("/crm/**", "authc");
//行为分配
filterChainMap.put("/notice/notice_create", "authc");
filterChainMap.put("/notice/notice_send", "authc");
//登出的过滤器(自定义退出/logout)
filterChainMap.put("/logout", "logout");
//配置记住我,认证通过才可以访问
filterChainMap.put("/index","user");
filterChainMap.put("/main","user");
//
filterChainMap.put("/**", "authc");
/**
* 为了放行Spring Boot Admin
* 这里启用临时方案 PlanB
* 将shiro倒过来使用
* 所有使用到的页面都加密成需要登陆才能访问
* 其余所有一律采取不拦截
*/
filterChainMapTemp.put("/notice/notice_create", "authc");
filterChainMapTemp.put("/notice/notice_send", "authc");
filterChainMapTemp.put("/js/**", "authc");
filterChainMapTemp.put("/index/**", "authc");
filterChainMapTemp.put("/user/**", "authc");
filterChainMapTemp.put("/dict/**", "authc");
filterChainMapTemp.put("/car/**", "authc");
filterChainMapTemp.put("/aop/**", "authc");
filterChainMapTemp.put("/userinfo/**", "authc");
filterChainMapTemp.put("/calendar/**", "authc");
filterChainMapTemp.put("/admin/**", "authc");
filterChainMapTemp.put("/role/**", "authc");
filterChainMapTemp.put("/menu/**", "authc");
filterChainMapTemp.put("/message/**", "authc");
filterChainMapTemp.put("/notice/**", "authc");
filterChainMapTemp.put("/upload/**", "authc");
filterChainMapTemp.put("/logout", "logout");
filterChainMapTemp.put("/crm/crmLogin", "anon");
filterChainMapTemp.put("/**","anon");
factoryBean.setFilterChainDefinitionMap(filterChainMapTemp);