web.xml
1 <filter> 2 <filter-name>shiroFilter</filter-name> 3 <filter-class> 4 org.springframework.web.filter.DelegatingFilterProxy 5 </filter-class> 6 </filter> 7 <filter-mapping> 8 <filter-name>shiroFilter</filter-name> 9 <url-pattern>/shiro/*</url-pattern> 10 </filter-mapping>
applicationContext.xml
1 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> 2 <property name="securityManager" ref="securityManager"/> 3 <!-- override these for application-specific URLs if you like: 4 <property name="loginUrl" value="/login.jsp"/> 5 <property name="successUrl" value="/home.jsp"/> 6 <property name="unauthorizedUrl" value="/unauthorized.jsp"/> --> 7 <!-- The 'filters' property is not necessary since any declared javax.servlet.Filter bean --> 8 <!-- defined will be automatically acquired and available via its beanName in chain --> 9 <!-- definitions, but you can perform instance overrides or name aliases here if you like: --> 10 <!-- <property name="filters"> 11 <util:map> 12 <entry key="anAlias" value-ref="someFilter"/> 13 </util:map> 14 </property> --> 15 <property name="filterChainDefinitions"> 16 <value> 17 # some example chain definitions: 18 /admin/** = authc, roles[admin] 19 /docs/** = authc, perms[document:read] 20 /shiro/** = authc 21 # more URL-to-FilterChain definitions here 22 </value> 23 </property> 24 </bean>
测试url: /shiro/test
结果: shiroFilter - 》DispatcherServlet
测试url: /other/test
结果: DispatcherServlet
结论:当请的url能被shiro过滤器匹配到时,先走shiro过滤器,再走DispatcherServlet ;
否则只走DispatcherServlet。