From 8beaf701a900ddd5a0a482f425080635ff55166d Mon Sep 17 00:00:00 2001
From: gdg <764716047@qq.com>
Date: 星期一, 01 二月 2021 10:16:35 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master' into master

---
 src/main/webapp/WEB-INF/spring-shiro.xml |   61 ++++++++++++++++++++++++++----
 1 files changed, 53 insertions(+), 8 deletions(-)

diff --git a/src/main/webapp/WEB-INF/spring-shiro.xml b/src/main/webapp/WEB-INF/spring-shiro.xml
index 7d0d169..357bd34 100644
--- a/src/main/webapp/WEB-INF/spring-shiro.xml
+++ b/src/main/webapp/WEB-INF/spring-shiro.xml
@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <beans xmlns="http://www.springframework.org/schema/beans"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xmlns:util="http://www.springframework.org/schema/util"
+       xmlns:util="http://www.springframework.org/schema/util" xmlns:cache="http://www.springframework.org/schema/cache"
        xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
-       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
+       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache.xsd">
 
     <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
 
@@ -60,11 +60,40 @@
     </bean>
 
     <!-- Cache Manager -->
-    <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"></bean>
+    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">
+        <property name="cacheManager" ref="ehcacheManager"/>
+        <property name="transactionAware" value="true"/>
+    </bean>
+
+    <!-- 如果有多个ehcacheManager要在bean加上p:shared="true" -->
+    <bean id="ehcacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
+        <property name="configLocation" value="WEB-INF/ehcache.xml"/>
+    </bean>
+
+    <!-- cache注解，和spring-redis.xml中的只能使用一个 -->
+    <cache:annotation-driven cache-manager="cacheManager" proxy-target-class="true"/>
+
+    <bean id="shiroSpringCacheManager" class="com.nanometer.smartlab.realm.ShiroSpringCacheManager">
+        <property name="cacheManager" ref="cacheManager"></property>
+    </bean>
 
     <!--session manager-->
     <bean id="sessionManager"
-          class="org.apache.shiro.web.session.mgt.ServletContainerSessionManager">
+          class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
+        <!-- url上带sessionId 默认为true -->
+        <property name="sessionIdUrlRewritingEnabled" value="false"/>
+        <property name="sessionDAO" ref="sessionDAO"/>
+        <!-- cookie名称 -->
+        <property name="sessionIdCookie.name" value="gasid"/>
+        <!-- cookie生效路径 -->
+        <property name="sessionIdCookie.path" value="/"/>
+    </bean>
+
+    <!-- 会话DAO 用于会话的CRUD -->
+    <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
+        <!-- Session缓存名字，默认就是shiro-activeSessionCache -->
+        <property name="activeSessionsCacheName" value="activeSessionCache"/>
+        <property name="cacheManager" ref="shiroSpringCacheManager"/>
     </bean>
 
     <!--credentialsMatcher 密码加密-->
@@ -75,15 +104,31 @@
     </bean>
 
     <!--自定义 Realm-->
-    <bean id="authorizationRealm" class="com.nanometer.smartlab.realm.AuthorizationRealm">
-        <property name="credentialsMatcher" ref="md5Matcher"/>
+    <bean id="authorizationRealm" class="com.nanometer.smartlab.realm.ShiroDbRealm">
+        <constructor-arg index="0" name="cacheManager" ref="shiroSpringCacheManager"/>
+        <constructor-arg index="1" name="matcher" ref="credentialsMatcher"/>
+        <!-- 启用身份验证缓存，即缓存AuthenticationInfo信息，默认false -->
+        <property name="authenticationCachingEnabled" value="true"/>
+        <!-- 缓存AuthenticationInfo信息的缓存名称 -->
+        <property name="authenticationCacheName" value="authenticationCache"/>
+        <!-- 缓存AuthorizationInfo信息的缓存名称 -->
+        <property name="authorizationCacheName" value="authorizationCache"/>
+    </bean>
+    <!-- 密码错误5次锁定5min -->
+    <bean id="credentialsMatcher" class="com.nanometer.smartlab.realm.RetryLimitCredentialsMatcher">
+        <constructor-arg ref="shiroSpringCacheManager"/>
+        <property name="retryLimitCacheName" value="fivMin"/>
+        <!-- 密码加密 1次md5,增强密码可修改此处 -->
+        <property name="hashAlgorithmName" value="MD5"/>
+        <property name="storedCredentialsHexEncoded" value="true"/>
+        <property name="hashIterations" value="1"/>
     </bean>
 
     <!-- Security Manager -->
     <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
         <property name="realm" ref="authorizationRealm"/>
         <property name="rememberMeManager" ref="rememberMeManager"/>
-        <property name="cacheManager" ref="cacheManager"/>
+        <property name="cacheManager" ref="shiroSpringCacheManager"/>
         <property name="sessionManager" ref="sessionManager"/>
     </bean>
 
@@ -95,4 +140,4 @@
         <property name="securityManager" ref="securityManager"/>
     </bean>
 
-</beans>
\ No newline at end of file
+</beans>

--
Gitblit v1.9.2