/**
* 加载ShiroFilter权限控制规则
* 这块代码是负责拦截的
* 也就是说,如果当前登陆的人,不符合访问某个url的访问权限条件的,直接给他弹开
* 也就是分配谁能访问谁
*
*/
private void loadShiroFilterChain(ShiroFilterFactoryBean factoryBean) {
Map<String, String> filterChainMap = new LinkedHashMap<String, String>();
Map<String, String> filterChainMapTemp = new LinkedHashMap<String, String>();
filterChainMap.put("/login", "anon");
filterChainMap.put("/login/check", "anon");
filterChainMap.put("/login/crmCheck", "anon");
filterChainMap.put("/403", "anon");
filterChainMap.put("/assets/**", "anon");
filterChainMap.put("/layui/**", "anon");
filterChainMap.put("/js/**", "anon");
filterChainMap.put("/prism/**", "anon");
filterChainMap.put("/upload/**", "anon");
//给SpringBootAdmin开启权限
filterChainMap.put("/monitor/**", "anon");
filterChainMap.put("/api/**", "anon");
filterChainMap.put("/health/**", "anon");
filterChainMap.put("/favicon.icon", "anon");
filterChainMap.put("/crm/crmLogin", "anon");
//权限分配
filterChainMap.put("/admin/**", "authc");
filterChainMap.put("/role/**", "authc");
filterChainMap.put("/user/**", "authc");
filterChainMap.put("/dict/**", "authc");
filterChainMap.put("/aop/**", "authc");
filterChainMap.put("/car/**", "authc");
filterChainMap.put("/menu/**", "authc");
filterChainMap.put("/crm/**", "authc");
//行为分配
filterChainMap.put("/notice/notice_create", "authc");
filterChainMap.put("/notice/notice_send", "authc");
//登出的过滤器(自定义退出/logout)
filterChainMap.put("/logout", "anon");
//配置记住我,认证通过才可以访问
filterChainMap.put("/index","user");
filterChainMap.put("/main","user");
filterChainMap.put("/**", "authc");
/**
* 为了放行Spring Boot Admin
* 这里启用临时方案 PlanB
* 将shiro倒过来使用
* 所有使用到的页面都加密成需要登陆才能访问
* 其余所有一律采取不拦截
*/
/**
filterChainMapTemp.put("/notice/notice_create", "authc");
filterChainMapTemp.put("/notice/notice_send", "authc");
filterChainMapTemp.put("/js/**", "authc");
filterChainMapTemp.put("/index/**", "authc");
filterChainMapTemp.put("/user/**", "authc");
filterChainMapTemp.put("/dict/**", "authc");
filterChainMapTemp.put("/car/**", "authc");
filterChainMapTemp.put("/aop/**", "authc");
filterChainMapTemp.put("/userinfo/**", "authc");
filterChainMapTemp.put("/calendar/**", "authc");
filterChainMapTemp.put("/admin/**", "authc");
filterChainMapTemp.put("/role/**", "authc");
filterChainMapTemp.put("/menu/**", "authc");
filterChainMapTemp.put("/message/**", "authc");
filterChainMapTemp.put("/notice/**", "authc");
filterChainMapTemp.put("/upload/**", "authc");
filterChainMapTemp.put("/logout", "logout");
filterChainMapTemp.put("/crm/crmLogin", "anon");
*/
filterChainMapTemp.put("/**","anon");
factoryBean.setFilterChainDefinitionMap(filterChainMapTemp);
}
ShiroFilter权限控制规则loadShiroFilterChain
原文:https://www.cnblogs.com/gzhbk/p/12736796.html