Shiro拦截所有js,图片,CSS并且无法访问该方法
这是web.xml
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<!-- 前端控制器的配置 -->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<!--指定spring配置文件的位置 -->
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- 所有以.html和.json的请求都由dispatcherServlet来处理的配置 -->
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<!--?Shiro?filter 需放在所有filter之前 -->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>ftlFilter</filter-name>
<filter-class>com.cms.filter.FtlFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ftlFilter</filter-name>
<url-pattern>*.ftl</url-pattern>
</filter-mapping>
<filter>
<filter-name>manage</filter-name>
<filter-class>com.cms.filter.ManageFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>manage</filter-name>
<url-pattern>/manage/*</url-pattern>
</filter-mapping>
<!-- 让web应用程序启动那个时自动添加属性文件 -->
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:log4j.properties</param-value>
</context-param>
<!-- 以Listener方式启动LOG4j -->
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!-- 以Listener方式启动spring -->
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.WebAppRootListener</listener-class>
</listener>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<error-page>
<error-code>404</error-code>
<location>/404.htm</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/500.htm</location>
</error-page>
这是applicationContext.xml
<!-- 自动扫描的包名 -->
<context:component-scan base-package="com.cms"></context:component-scan>
<mvc:annotation-driven />
<cache:annotation-driven key-generator="keyGeneratorService"/>
<mvc:resources mapping="/static/**" location="/WEB-INF/static/"
cache-period="31556926" />
<mvc:resources mapping="/upload/**" location="/upload/"
cache-period="31556926" />
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**" />
<bean class="com.cms.filter.GlobalInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
<!-- spring自己的换管理器,这里定义了两个缓存位置名称 ,既注解中的value -->
<bean id="cacheManager" class="org.springframework.cache.support.SimpleCacheManager">
<property name="caches">
<set>
<bean
class="org.springframework.cache.concurrent.ConcurrentMapCacheFactoryBean"
p:name="default" />
<bean
class="org.springframework.cache.concurrent.ConcurrentMapCacheFactoryBean"
p:name="config" />
<bean
class="org.springframework.cache.concurrent.ConcurrentMapCacheFactoryBean"
p:name="folder" />
<bean
class="org.springframework.cache.concurrent.ConcurrentMapCacheFactoryBean"
p:name="article" />
<bean
class="org.springframework.cache.concurrent.ConcurrentMapCacheFactoryBean"
p:name="media" />
</set>
</property>
</bean>
<!-- 在XML配置文件中加入外部属性文件,当然也可以指定外部文件的编码 -->
<bean id="propertyConfigurer" class="com.cms.util.PropertyUtils">
<property name="locations">
<list>
<value>classpath:shishuocms.properties</value> <!-- 指定外部文件的编码 -->
</list>
</property>
</bean>
<!-- FreeMarker的配置 -->
<bean id="freeMarkerConfigurer"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPaths" value="/WEB-INF/static/" />
<property name="defaultEncoding" value="UTF-8" />
<property name="freemarkerSettings">
<props>
<prop key="template_update_delay">10</prop>
<prop key="defaultEncoding">UTF-8</prop>
<prop key="url_escaping_charset">UTF-8</prop>
<prop key="locale">zh_CN</prop>
<prop key="boolean_format">true,false</prop>
<prop key="time_format">HH:mm:ss</prop>
<prop key="datetime_format">yyyy-MM-dd HH:mm:ss</prop>
<prop key="date_format">yyyy-MM-dd</prop>
<prop key="number_format">#.##</prop>
<prop key="whitespace_stripping">true</prop>
</props>
</property>
</bean>
<!-- 配置 FreeMarker视图解析器 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.freemarker.FreeMarkerView"></property>
<property name="cache" value="false" />
<!-- <property name="prefix" value="" /> -->
<property name="suffix" value=".ftl" /><!--可为空,方便实现自已的依据扩展名来选择视图解释类的逻辑 -->
<property name="contentType" value="text/html;charset=utf-8" />
<property name="exposeRequestAttributes" value="true" />
<property name="exposeSessionAttributes" value="true" />
<property name="exposeSpringMacroHelpers" value="true" />
</bean>
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="${jdbc.driverClass}" />
<property name="url" value="${jdbc.url}" />
<property name="username" value="${jdbc.username}" />
<property name="password" value="${jdbc.password}" />
</bean>
<!-- 创建SqlSessionFactory,同时指定数据源 -->
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
</bean>
<!-- 配置事务管理器 -->
<bean id="transactionManager"
class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource" />
</bean>
<!--创建数据映射器,数据映射器必须为接口 -->
<bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
<property name="annotationClass" value="org.springframework.stereotype.Repository" />
<property name="basePackage" value="com.cms.dao" />
</bean>
<!-- shiro -->
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="shiroDbRealm" />
</bean>
<!-- 項目自定义的Realm -->
<bean id="shiroDbRealm" class="com.cms.realm.ShiroDbRealm" ></bean>
<!-- Shiro Filter -->
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/" />
<property name="successUrl" value="index.htm" />
<property name="unauthorizedUrl" value="/static/manage/500" />
<property name="filterChainDefinitions">
<value>
/login = anon
/validateCode = anon
/** = authc
</value>
</property>
</bean>
<!-- 开启Shiro注解的Spring配置方式的beans。在lifecycleBeanPostProcessor之后运行 -->
<bean
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor" />
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
<!-- Shiro生命周期处理器-->
<bean id="lifecycleBeanPostProcessor"
class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<!-- shiro为集成spring -->
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="exceptionMappings">
<props>
<prop key="org.apache.shiro.authz.UnauthorizedException">/static/manage/500</prop>
</props>
</property>
</bean>
我的login.ftl提交网址是
action="${BASE_PATH}/admin/login.json"
java是
@ResponseBody
@RequestMapping(value = "/login.json", method = RequestMethod.POST)
public JsonVo<String> adminLogin{}
答案 0 :(得分:0)
我用
修改applicationContext.xml<property name="filterChainDefinitions">
<value>
/** = anon
</value>
</property>
并且没问题