/*
* Copyright (c) 2017 4PX Information Technology Co.,Ltd. All rights reserved.
*/
package com.fpx.order.csm.config;

import java.util.Arrays;
import java.util.EventListener;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.Filter;

import org.apache.catalina.connector.Connector;
import org.apache.shiro.cas.CasFilter;
import org.apache.shiro.cas.CasSubjectFactory;
import org.apache.shiro.session.mgt.eis.MemorySessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.dozer.DozerBeanMapper;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.context.embedded.tomcat.TomcatConnectorCustomizer;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.EnvironmentAware;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.core.env.Environment;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.filter.CharacterEncodingFilter;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter;
import org.springframework.web.servlet.mvc.support.DefaultHandlerExceptionResolver;

import com.fpx.basic.sdk.rbaccenter.RBACCenterService;
import com.fpx.common.core.tool.GIdUtil;
import com.fpx.order.common.context.PcsHandlerExceptionResolver;
import com.fpx.order.common.context.PcsMappingJackson2HttpMessageConverter;
import com.fpx.order.common.util.JsonObjectMapper;
import com.fpx.order.csm.realm.MyCasRealm;
import com.fpx.order.util.convert.PojoConverter;

/**
*
* @author linzhh
* @date 2017年7月7日
*/
@ComponentScan(basePackages = { "com.fpx.order.common.context" })
@Configuration
public class ApplicationConfig extends WebMvcConfigurerAdapter implements EnvironmentAware {

@Autowired
private Environment env;

@Bean
public PojoConverter pojoConverter() {
List<String> mappingFiles = Arrays.asList("META-INF/dozer/dozer-mapping.xml");
DozerBeanMapper dozerBeanMapper = new DozerBeanMapper();
dozerBeanMapper.setMappingFiles(mappingFiles);

return new PojoConverter(dozerBeanMapper);
}

@Value("${datacenterId}")
private long datacenterId;

@Bean
public GIdUtil gIdUtil() {
return new GIdUtil(datacenterId);
}

@Bean(name = "myCasRealm")
public MyCasRealm myCasRealm() {
MyCasRealm realm = new MyCasRealm();
realm.setCasServerUrlPrefix(env.getProperty("cas.server.url"));
realm.setCasService(env.getProperty("cas.client.url") + "/login");
realm.setAuthorizationCachingEnabled(false);
return realm;
}

@Bean
public FilterRegistrationBean filterRegistrationBean1() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
SingleSignOutFilter ssFilter = new SingleSignOutFilter();
filterRegistration.setFilter(ssFilter);
// filterRegistration.addInitParameter("excludedPages",
// "/customer/package/prealert/**");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
// CharacterEncodingFilter characterEncodingFilter = new
// CharacterEncodingFilter();
// characterEncodingFilter.setForceEncoding(true);
// characterEncodingFilter.setEncoding("UTF-8");
// filterRegistration.setFilter(characterEncodingFilter);
filterRegistration.setOrder(1);
return filterRegistration;
}

@Bean
public FilterRegistrationBean filterRegistrationBean2() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setForceEncoding(true);
characterEncodingFilter.setEncoding("UTF-8");
filterRegistration.setFilter(characterEncodingFilter);
filterRegistration.setOrder(2);
return filterRegistration;
}

@Bean
public FilterRegistrationBean filterRegistrationBean3() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
// 该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
filterRegistration.addInitParameter("targetFilterLifecycle", "true");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(3);
return filterRegistration;
}

// @Bean
// public FilterRegistrationBean filterRegistrationBean3() {
// FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
// filterRegistration.setOrder(3);
// filterRegistration.setFilter(new SessionFilter());
// filterRegistration.setEnabled(true);
// filterRegistration.addUrlPatterns("/*");
// return filterRegistration;
// }

@Bean
public ServletListenerRegistrationBean<EventListener> getListener() {
ServletListenerRegistrationBean<EventListener> registrationBean = new ServletListenerRegistrationBean<>();
registrationBean.setListener(new SingleSignOutHttpSessionListener());
return registrationBean;
}

@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}

@Bean
public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator daap = new DefaultAdvisorAutoProxyCreator();
daap.setProxyTargetClass(true);
return daap;
}

@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(MyCasRealm myCasRealm) {
DefaultWebSecurityManager dwsm = new DefaultWebSecurityManager();
dwsm.setSessionManager(getDefaultWebSessionManager());
dwsm.setRealm(myCasRealm);
dwsm.setSubjectFactory(new CasSubjectFactory());
return dwsm;
}

@Bean(name = "sessionManager")
public DefaultWebSessionManager getDefaultWebSessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setGlobalSessionTimeout(1000 * 60 * 60 * 24);// 24小时session超时
sessionManager.setSessionDAO(getMemorySessionDAO());
sessionManager.setSessionValidationInterval(1000 * 60 * 60 * 10);// 每10小时检查一次是否有超时session并删除
Cookie cookie = new SimpleCookie("PCSCJSESSIONID");
cookie.setHttpOnly(true);
sessionManager.setSessionIdCookie(cookie);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
return sessionManager;
}

@Bean(name = "memorySessionDAO")
public MemorySessionDAO getMemorySessionDAO() {
return new MemorySessionDAO();
}

@Bean
public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(
DefaultWebSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor aasa = new AuthorizationAttributeSourceAdvisor();
aasa.setSecurityManager(securityManager);
return aasa;
}

@Bean(name = "rBACCenterService")
public RBACCenterService getRBACCenterService() {
return new RBACCenterService(env.getProperty("rbac.center.url"), env.getProperty("sys.clientId"));
}

// @Bean(name="userFilter")
// public PcsCasFilter userFilter(){
// PcsCasFilter filter = new PcsCasFilter();
// return filter;
// }

@Bean(name = "casFilter")
public CasFilter casFilter() {
CasFilter casFilter = new CasFilter();
// PcsCasFilter casFilter = new PcsCasFilter();
casFilter.setName("casFilter");
casFilter.setEnabled(true);
// 登录失败后跳转的URL,也就是 Shiro 执行 CasRealm 的 doGetAuthenticationInfo
// 方法向CasServer验证tiket
casFilter.setFailureUrl(
env.getProperty("cas.server.url") + "/login?service=" + env.getProperty("cas.client.url") + "/login");// 认证失败后再打开登录页面
return casFilter;
}

@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,
CasFilter casFilter/* ,UserFilter userFilter */) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setName("logout");
logoutFilter.setEnabled(true);
logoutFilter.setRedirectUrl(
env.getProperty("cas.server.url") + "/logout?service=" + env.getProperty("cas.client.url"));
// 必须设置 SecurityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
shiroFilterFactoryBean.setLoginUrl(
env.getProperty("cas.server.url") + "/login?service=" + env.getProperty("cas.client.url") + "/login");
// 登录成功后要跳转的连接
shiroFilterFactoryBean.setSuccessUrl("/");
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
// SessionFilter sessionFilter = new SessionFilter();
// 添加casFilter到shiroFilter中
Map<String, Filter> filters = new LinkedHashMap<>();
// FormAuthenticationFilter authc = new FormAuthenticationFilter();
// AnonymousFilter anon = new AnonymousFilter();
filters.put("logout", logoutFilter);
filters.put("casFilter", casFilter);
// filters.put("anon", anon);
// filters.put("authc", authc);
// filters.put("sessionFilter", sessionFilter);
// filters.put("user", userFilter);
shiroFilterFactoryBean.setFilters(filters);

Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/script/**", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/error/**", "anon");
filterChainDefinitionMap.put("/manage/**", "anon");// 健康检查
// 支持会员填写无预报包裹数据
filterChainDefinitionMap.put("/customer/package/prealert/**", "anon");
filterChainDefinitionMap.put("/sys/data/dictionary/**", "anon");
filterChainDefinitionMap.put("/category/**", "anon");
filterChainDefinitionMap.put("/area/**", "anon");

filterChainDefinitionMap.put("/common/**", "anon");
filterChainDefinitionMap.put("/WEB-INF/pages/error/**", "anon");
filterChainDefinitionMap.put("/images/**", "anon");
filterChainDefinitionMap.put("/imgs/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/plugins/**", "anon");
filterChainDefinitionMap.put("/layer/**", "anon");
filterChainDefinitionMap.put("/widgets/**", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/login", "casFilter");
filterChainDefinitionMap.put("/heartbeat", "anon");
filterChainDefinitionMap.put("/prealert/track/simulateMQTrackMessage", "anon");
filterChainDefinitionMap.put("/prealert/track/twxSendTrack", "anon"); // 淘海外系统调用此接口推送轨迹
filterChainDefinitionMap.put("/prealert/track/getSendMessageOrReSend", "anon"); // 修复数据开启,结束后关闭
filterChainDefinitionMap.put("/favicon.ico", "anon");
filterChainDefinitionMap.put("/**", "user");
// filterChainDefinitionMap.put("/**", "sessionFilter");

shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}

@Bean
public MethodInvokingFactoryBean getMethodInvokingFactoryBean(DefaultWebSecurityManager securityManager) {

MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();

methodInvokingFactoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");

methodInvokingFactoryBean.setArguments(new Object[] { securityManager });

return methodInvokingFactoryBean;
}

@Override
public void setEnvironment(Environment env) {
this.env = env;
}

@Bean
public TomcatConnectorCustomizer tomcatConnectorCustomizer() {
return new TomcatConnectorCustomizer() {
@Override
public void customize(Connector connector) {
connector.setURIEncoding("UTF-8");
connector.setUseBodyEncodingForURI(true);
}
};
}

@Bean
public MessageSource messageSource() {
// ResourceBundleMessageSource ms = new ResourceBundleMessageSource();
// ReloadableResourceBundleMessageSource ms = new
// PcsReloadableResourceBundleMessageSource();
ReloadableResourceBundleMessageSource ms = new ReloadableResourceBundleMessageSource();
ms.setBasenames(new String[] { "classpath:META-INF/i18n/csm", "classpath:META-INF/i18n/global" });
ms.setCacheSeconds(20);
ms.setUseCodeAsDefaultMessage(true);
return ms;
}

// public MappingJackson2HttpMessageConverter
// mappingJackson2HttpMessageConverter(){
// return new PcsMappingJackson2HttpMessageConverter();
// }
@Bean
public RequestMappingHandlerAdapter requestMappingHandlerAdapter() {
RequestMappingHandlerAdapter adapter = new RequestMappingHandlerAdapter();
adapter.getMessageConverters().add(new PcsMappingJackson2HttpMessageConverter());
return adapter;
}

// @Bean
// public DateJsonDeserializer dateJsonDeserializer(){
// return new DateJsonDeserializer();
// }

@Override
public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
PcsMappingJackson2HttpMessageConverter converter = new PcsMappingJackson2HttpMessageConverter();
//// converter.setMessageSource(messageSource);
// converters.add(converter);
converter.setObjectMapper(new JsonObjectMapper());
converter.setSupportedMediaTypes(Arrays.asList(MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON_UTF8));
converters.add(converter);
// converters.add(new PcsMappingJackson2HttpMessageConverter());
}

@Override // 这里配置后,会在HandlerExceptionResolverComposite中的处理器列表中加上这里配置的异常处理器,原默认列表中的处理器都失效
public void configureHandlerExceptionResolvers(List<HandlerExceptionResolver> exceptionResolvers) {
DefaultHandlerExceptionResolver pcsExceptionResolver = new PcsHandlerExceptionResolver();
exceptionResolvers.add(pcsExceptionResolver);
}
}

------------------------------------------------------------------------------------------------------------------------------------

Spring 静态注入讲解(MethodInvokingFactoryBean)

 soゝso2016-08-22 14:53:56 3485

分享到:

与其说是静态注入(IOC),不如讲是对JavaBean 的静态成员变量进行赋值。

一般我们在使用依赖注入的时候,如果当前对象(javaBean )创建(实例化)一次,那么非静态的成员变量也会实例化一次,用来支持当前对象的正常使用。而我们有的时候,一些对象是单例(scope="singleton" )的,或者一些变量从项目启动从配置文件加载后不需要变化,那么这种情况下怎么处理呢?

静态注入配置(XML):

 
  1. <!-- 静态注入,相当于调用SecurityUtils.setSecurityManager(securityManager) -->
  2. <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
  3. <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
  4. <property name="arguments" ref="securityManager"/>
  5. </bean>

上面注释写的很清楚,等于调用了下面的方法:

 
  1. SecurityUtils.setSecurityManager(securityManager)

就这么简单。

指定一个staticMethod ,静态的set 方法,另外一个参数是目标对象。把这个对象赋值过去。

如果arguments 是多个,采用List赋值。

 
  1. <!-- 静态注入,相当于调用SecurityUtils.setSecurityManager(securityManager) -->
  2. <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
  3. <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
  4. <property name="arguments">
  5. <list>
  6. <value>securityManager</value>
  7. </list>
  8. </property>
  9. </bean>

Spring 静态注入讲解(MethodInvokingFactoryBean)的更多相关文章

  1. Spring静态注入的三种方式

    版权声明:本文为博主原创文章,未经博主允许不得转载. https://blog.csdn.net/chen1403876161/article/details/53644024Spring静态注入的三 ...

  2. spring 静态注入

    1.静态注入 在setter 方法修改为非 static , 然后在上面注入即可 @Component public class WeixinConfig { // token public stat ...

  3. spring静态注入

    与其说是静态注入(IOC),不如讲是对JavaBean 的静态成员变量进行赋值. 一般我们在使用依赖注入的时候,如果当前对象(javaBean )创建(实例化)一次,那么非静态的成员变量也会实例化一次 ...

  4. 转: spring静态注入

    与其说是静态注入(IOC),不如讲是对JavaBean 的静态成员变量进行赋值. 一般我们在使用依赖注入的时候,如果当前对象(javaBean )创建(实例化)一次,那么非静态的成员变量也会实例化一次 ...

  5. Spring静态属性注入

    今天遇到一个工具类,需要静态注入一个属性,方法如下: 第一步:属性的set和get方法不要加static package cn.com.chinalife.ebusiness.common.util; ...

  6. spring配置文件注入到静态变量

    spring配置注入到静态文件代码如下: package com.test.oss; import org.springframework.beans.factory.annotation.Value ...

  7. Spring 依赖注入方式详解

    平常的Java开发中,程序员在某个类中需要依赖其它类的方法. 通常是new一个依赖类再调用类实例的方法,这种开发存在的问题是new的类实例不好统一管理. Spring提出了依赖注入的思想,即依赖类不由 ...

  8. Spring依赖注入三种方式详解

    在讲解Spring依赖注入之前的准备工作: 下载包含Spring的工具jar包的压缩包 解压缩下载下来的Spring压缩包文件 解压缩之后我们会看到libs文件夹下有许多jar包,而我们只需要其中的c ...

  9. 使用Dagger2做静态注入, 对比Guice.

    Dagger 依赖注入的诉求, 这边就不重复描述了, 在上文Spring以及Guice的IOC文档中都有提及, 既然有了Guice, Google为啥还要搞个Dagger2出来重复造轮子呢? 因为使用 ...

随机推荐

  1. 【BZOJ4538】[Hnoi2016]网络 整体二分+树状数组

    [BZOJ4538][Hnoi2016]网络 Description 一个简单的网络系统可以被描述成一棵无根树.每个节点为一个服务器.连接服务器与服务器的数据线则看做一条树边.两个服务器进行数据的交互 ...

  2. mac下面安装多个JDK

    JDK8 GA之后,小伙伴们喜大普奔,纷纷跃跃欲试,想体验一下Java8的Lambda等新特性,可是目前Java企业级应用的主打版本还是JDK6, JDK7.因此,我需要在我的电脑上同时有JDK8,J ...

  3. Java 8 Lambda 表达式详解

    一.Java 8 Lambda 表达式了解 参考:Java 8 Lambda 表达式 | 菜鸟教程 1.1 介绍: Lambda 表达式,也可称为闭包,是推动 Java 8 发布的最重要新特性. La ...

  4. python之MySQL学习——数据操作

    1.增 import pymysql as ps # 打开数据库连接 db = ps.connect(host=', database='test', charset='utf8') # 创建一个游标 ...

  5. cygwin简介,安装及卸载(体验UNIX & Linux环境)

    对于爱好者或初学者来说,为了体验UNIX & Linux环境,去安装虚拟机或双系统稍显麻烦,cygwin是一个很好的选择 具/原料   安装windows的电脑一台(可以联网) 法/步骤   ...

  6. YOLO v1论文笔记

    You Only Look Once:Unified, Real-Time Object Detection   论文链接:https://arxiv.org/abs/1506.02640 Homep ...

  7. Centos7 下安装mysql数据库

    centos7系统,安装mysql发现已经默认的是mariadb. 只能安装mariadb,mariadb是mysql一个分支,对mysql完全支持 1 安装 yum -y install maria ...

  8. CCCallFunc, CCCallFuncN, CCCallFuncND 三者的区别

    今天学习过程中,自己敲了一个例子,结果在执行Action的时候出现了错误.经排查发现是CCCallFunc使用的问题,应该使用CCCallFuncN,然后搜了下他们的区别,才知道,是因为有一个参数的问 ...

  9. myeclipse10.7导出war包时出错解决办法

    myeclipse10.7的版本破解后,导出war包时报“SECURITY ALERT: INTEGERITY CHECK ERROR”的错误. 选中项目->export->java ee ...

  10. MongoDB的Python客户端PyMongo(转)

    原文:https://serholiu.com/python-mongodb 这几天在学习Python Web开发,于是做准备做一个博客来练练手,当然,只是练手的,博客界有WordPress这样的好玩 ...