anon configuration in shiro does not take effect

Hits: 0

[anon configuration in shiro] does not take effect

When configuring shiro, the configuration of annon always does not take effect, and the page jump fails to find information on the Internet and summarize it! ! !

Configuration does not take effect code:

@Bean
    public ShiroFilterFactoryBean factory(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        // Add your own filter and name it jwt 
        Map < String , Filter> filterMap = new HashMap<>();
        filterMap.put("jwt", new JWTFilter());
        factoryBean.setFilters(filterMap);
        /*
         * Custom url rules
         */
        Map<String, String> filterRuleMap = new LinkedHashMap<>();
        filterRuleMap.put("/**", "jwt,authc"); 
        filterRuleMap.put("/user/login", "anon");
        filterRuleMap.put("/", "anon");
        filterRuleMap.put("/index.html", "anon");
        factoryBean.setFilterChainDefinitionMap(filterRuleMap);
        return factoryBean;
    }

This way of writing will cause all interfaces to need to verify permissions

Configuration effective code:

@Bean
    public ShiroFilterFactoryBean factory(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        // Add your own filter and name it jwt 
        Map < String , Filter> filterMap = new HashMap<>();
        filterMap.put("jwt", new JWTFilter());
        factoryBean.setFilters(filterMap);
        /*
         * Custom url rules
         */
        Map<String, String> filterRuleMap = new LinkedHashMap<>();
        filterRuleMap.put("/user/login", "anon");
        filterRuleMap.put("/", "anon");
        filterRuleMap.put("/index.html", "anon");
        filterRuleMap.put( "/**" , "jwt,authc" ); 
         // move it to the end
        factoryBean.setFilterChainDefinitionMap(filterRuleMap);
        return factoryBean;
    }

Summarize

When configuring shiro, you must pay attention to a few points:
1. The following code must be LinkedHashMap instead of HashMap.
2. The definition of anon must be before authc

You may also like...

Leave a Reply

Your email address will not be published.