forked from guomin/QRORDER
104 lines
4.3 KiB
XML
104 lines
4.3 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
|
||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
|
||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
|
||
http://www.springframework.org/schema/context
|
||
http://www.springframework.org/schema/context/spring-context-3.2.xsd
|
||
http://www.springframework.org/schema/tx
|
||
http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
|
||
http://www.springframework.org/schema/aop
|
||
http://www.springframework.org/schema/aop/spring-aop.xsd">
|
||
|
||
<bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
|
||
<property name="cacheManager" ref="shiroCache" />
|
||
</bean>
|
||
<bean id="shiroCache"
|
||
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
|
||
<property name="configLocation" value="classpath:ehcache-shiro.xml"></property>
|
||
<property name="shared" value="true"></property>
|
||
</bean>
|
||
|
||
<bean id="bettersoftApiAuthorizingRealm" class="com.bettersoft.api.realm.BettersoftApiAuthorizingRealm">
|
||
<property name="cachingEnabled" value="true" />
|
||
<property name="authorizationCacheName" value="authShiro"></property>
|
||
</bean>
|
||
|
||
<bean id="sessionManager" class="org.apache.shiro.session.mgt.DefaultSessionManager">
|
||
<property name="sessionValidationSchedulerEnabled" value="false" />
|
||
</bean>
|
||
|
||
<!--解决报错,组装默认的subjectDAO -->
|
||
<bean id="subjectDAO" class="org.apache.shiro.mgt.DefaultSubjectDAO">
|
||
<property name="sessionStorageEvaluator" ref="sessionStorageEvaluator" />
|
||
</bean>
|
||
|
||
<bean id="sessionStorageEvaluator" class="org.apache.shiro.mgt.DefaultSessionStorageEvaluator">
|
||
<property name="sessionStorageEnabled" value="false" />
|
||
</bean>
|
||
|
||
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
|
||
<property name="realm" ref="bettersoftApiAuthorizingRealm"></property>
|
||
<property name="subjectDAO" ref="subjectDAO" />
|
||
<property name="sessionManager" ref="sessionManager" />
|
||
<property name="cacheManager" ref="shiroCacheManager"></property>
|
||
</bean>
|
||
|
||
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
|
||
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
|
||
<!-- 开启Shiro注解 -->
|
||
<bean
|
||
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
|
||
<property name="proxyTargetClass" value="true" />
|
||
</bean>
|
||
|
||
<bean
|
||
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
|
||
<property name="securityManager" ref="securityManager" />
|
||
</bean>
|
||
|
||
<bean id="bettersoftApiFilter" class="com.bettersoft.api.filter.BettersoftApiFilter" />
|
||
|
||
<!-- <bean id="bettersoftApiPermissionFilter" class="com.bettersoft.api.filter.BettersoftApiPermissionFilter" /> -->
|
||
|
||
<bean id="bettersoftApiLogoutFilter" class="com.bettersoft.api.filter.BettersoftApiLogoutFilter" />
|
||
|
||
<bean id="bettersoftWxApiFilter" class="com.bettersoft.api.filter.BettersoftWxApiFilter"/>
|
||
|
||
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
|
||
<property name="securityManager" ref="securityManager" />
|
||
<property name="filters">
|
||
<map>
|
||
<entry key="statelessAuth" value-ref="bettersoftApiFilter" />
|
||
<entry key="logout" value-ref="bettersoftApiLogoutFilter" />
|
||
<entry key="wx" value-ref="bettersoftWxApiFilter" />
|
||
</map>
|
||
</property>
|
||
<property name="filterChainDefinitions">
|
||
<value>
|
||
/online/onlineorderp/** = anon
|
||
/oauth/** = anon
|
||
/ws/** = anon
|
||
/oauth/logout = logout
|
||
/online/buyCart/** = wx
|
||
/online/callJiake/** = anon
|
||
/online/onlineItem/searchClientItems = wx
|
||
/online/onlineItem/findOnlineItem/** = wx
|
||
/online/onlineItem/getAllStrposfastkeyname = anon
|
||
/online/pos/** = anon
|
||
/wx/WxLogin = anon
|
||
/wx/checkWxLogin = anon
|
||
/wx/WxGetPhone = wx
|
||
/wx/WxToken = anon
|
||
/wx/WxGetOrderUnlimited = anon
|
||
/wx/WxGetUrl = anon
|
||
/online/onlineorderh/** = anon
|
||
/wx/** = wx
|
||
/youren/** = wx
|
||
<!-- /youren/** = anon-->
|
||
/** = statelessAuth
|
||
</value>
|
||
</property>
|
||
</bean>
|
||
</beans> |