1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.shiro.samples.spring.config;
20
21 import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
22 import org.apache.shiro.cache.CacheManager;
23 import org.apache.shiro.cache.ehcache.EhCacheManager;
24 import org.apache.shiro.mgt.SecurityManager;
25 import org.apache.shiro.samples.spring.BootstrapDataPopulator;
26 import org.apache.shiro.samples.spring.DefaultSampleManager;
27 import org.apache.shiro.samples.spring.realm.SaltAwareJdbcRealm;
28 import org.apache.shiro.spring.config.ShiroAnnotationProcessorConfiguration;
29 import org.apache.shiro.spring.config.ShiroBeanConfiguration;
30 import org.apache.shiro.spring.remoting.SecureRemoteInvocationExecutor;
31 import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
32 import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
33 import org.apache.shiro.spring.web.config.ShiroWebConfiguration;
34 import org.apache.shiro.spring.web.config.ShiroWebFilterConfiguration;
35 import org.springframework.context.annotation.Bean;
36 import org.springframework.context.annotation.ComponentScan;
37 import org.springframework.context.annotation.Configuration;
38 import org.springframework.context.annotation.Import;
39 import org.springframework.context.annotation.PropertySource;
40 import org.springframework.jdbc.datasource.DriverManagerDataSource;
41
42 import javax.sql.DataSource;
43
44 import static org.apache.shiro.web.filter.mgt.DefaultFilter.anon;
45
46
47
48
49 @Configuration
50 @PropertySource("classpath:application.properties")
51 @Import({ShiroBeanConfiguration.class,
52 ShiroAnnotationProcessorConfiguration.class,
53 ShiroWebConfiguration.class,
54 ShiroWebFilterConfiguration.class,
55 JspViewsConfig.class,
56 RemotingServletConfig.class})
57 @ComponentScan("org.apache.shiro.samples.spring")
58 public class ApplicationConfig {
59
60
61
62
63
64
65
66 @Bean
67 protected BootstrapDataPopulator bootstrapDataPopulator(DataSource dataSource) {
68 BootstrapDataPopulator populator =new BootstrapDataPopulator();
69 populator.setDataSource(dataSource);
70 return populator;
71 }
72
73
74
75
76
77
78
79
80
81 @Bean
82 protected SaltAwareJdbcRealm jdbcRealm(DataSource dataSource) {
83
84 HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
85 credentialsMatcher.setHashAlgorithmName("SHA-256");
86 credentialsMatcher.setStoredCredentialsHexEncoded(false);
87
88 SaltAwareJdbcRealm jdbcRealm = new SaltAwareJdbcRealm();
89 jdbcRealm.setName("jdbcRealm");
90 jdbcRealm.setCredentialsMatcher(credentialsMatcher);
91 jdbcRealm.setDataSource(dataSource);
92
93 return jdbcRealm;
94 }
95
96
97
98
99
100
101
102
103
104 @Bean
105 protected EhCacheManager cacheManager() {
106
107 EhCacheManager ehCacheManager = new EhCacheManager();
108
109
110
111
112
113
114
115
116
117
118 return ehCacheManager;
119 }
120
121
122
123
124
125
126
127 @Bean
128 protected SecureRemoteInvocationExecutor secureRemoteInvocationExecutor(SecurityManager securityManager) {
129
130 SecureRemoteInvocationExecutor executor = new SecureRemoteInvocationExecutor();
131 executor.setSecurityManager(securityManager);
132
133 return executor;
134 }
135
136
137
138
139
140
141 @Bean
142 protected DefaultSampleManager sampleManager() {
143 return new DefaultSampleManager();
144 }
145
146
147
148
149
150 @Bean
151 protected DriverManagerDataSource dataSource() {
152
153 DriverManagerDataSource dataSource = new DriverManagerDataSource();
154 dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
155 dataSource.setUrl("jdbc:hsqldb:mem:shiro-spring");
156 dataSource.setUsername("sa");
157
158 return dataSource;
159 }
160
161 @Bean
162 public ShiroFilterChainDefinition shiroFilterChainDefinition() {
163 DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
164
165
166
167
168 chainDefinition.addPathDefinition("/favicon.ico", "anon");
169 chainDefinition.addPathDefinition("/logo.png", "anon");
170 chainDefinition.addPathDefinition("/shiro.css", "anon");
171 chainDefinition.addPathDefinition("/s/login", "anon");
172 chainDefinition.addPathDefinition("/*.jar", "anon");
173 chainDefinition.addPathDefinition("/remoting/**", "anon");
174 chainDefinition.addPathDefinition("/**", "authc");
175
176
177 return chainDefinition;
178 }
179
180
181 }