From 3db837d6d64ed85d6a18a96cec67a963e7f0ce16 Mon Sep 17 00:00:00 2001 From: thinkgem Date: Fri, 26 Jan 2024 14:43:03 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BB=A3=E7=A0=81=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/shiro/filter/FormFilter.java | 16 +++--- .../common/shiro/filter/InnerFilter.java | 6 +- .../shiro/filter/PermissionsFilter.java | 10 ++-- .../common/shiro/filter/RolesFilter.java | 13 ++--- .../common/shiro/filter/UserFilter.java | 13 ++--- .../modules/config/web/SchemeHttpsConfig.java | 57 +++++++------------ 6 files changed, 48 insertions(+), 67 deletions(-) diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java index d9bf0073..fb08c214 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java @@ -200,14 +200,6 @@ public class FormFilter extends org.apache.shiro.web.filter.authc.FormAuthentica protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { return (!isLoginRequest(request, response) && isPermissive(mappedValue)); // 不验证登录状态,只验证登录请求 } - - /** - * 跳转登录页时,跳转到默认首页 - */ - @Override - protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { - PermissionsFilter.redirectToDefaultPath(request, response); - } /** * 地址访问接入验证 @@ -255,6 +247,14 @@ public class FormFilter extends org.apache.shiro.web.filter.authc.FormAuthentica boolean isLogin = WebUtils.isTrue(request, LOGIN_PARAM); return super.isLoginSubmission(request, response) || isLogin; } + + /** + * 跳转登录页时,跳转到默认首页 + */ + @Override + protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { + PermissionsFilter.redirectToDefaultPath(request, response); + } /** * 执行登录方法 diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java index 5ce26a8b..dcb6fa1c 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java @@ -19,15 +19,17 @@ import javax.servlet.http.HttpServletRequest; */ public class InnerFilter extends AccessControlFilter { + private static final String[] prefixes = Global.getPropertyToArray("shiro.innerFilterAllowRemoteAddrs", "127.0.0.1"); + @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { boolean result = false; String[] prefixes = (String[])mappedValue; if (prefixes == null){ - prefixes = Global.getPropertyToArray("shiro.innerFilterAllowRemoteAddrs", "127.0.0.1"); + prefixes = InnerFilter.prefixes; } if (prefixes != null && request instanceof HttpServletRequest){ - String ip = request.getRemoteAddr(); + String ip = request.getRemoteAddr() + "]"; for (String prefix : prefixes){ result = StringUtils.startsWithIgnoreCase(ip, StringUtils.trim(prefix)); if (result){ diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java index 153e69dd..5fba0cd0 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java @@ -29,11 +29,6 @@ import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper; */ public class PermissionsFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter { - @Override - protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { - PermissionsFilter.redirectToDefaultPath(request, response); - } - @Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { return PermissionsFilter.redirectTo403Page(request, response); @@ -99,5 +94,10 @@ public class PermissionsFilter extends org.apache.shiro.web.filter.authz.Permiss WebUtils.issueRedirect(request, response, loginUrl); } } + + @Override + protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { + PermissionsFilter.redirectToDefaultPath(request, response); + } } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java index 7b0b5b9d..235c3fb2 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java @@ -4,10 +4,9 @@ */ package com.jeesite.common.shiro.filter; -import java.io.IOException; - import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import java.io.IOException; /** * 角色权限过滤器 @@ -16,14 +15,14 @@ import javax.servlet.ServletResponse; */ public class RolesFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter { + @Override + protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { + return PermissionsFilter.redirectTo403Page(request, response); + } + @Override protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { PermissionsFilter.redirectToDefaultPath(request, response); } - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { - return PermissionsFilter.redirectTo403Page(request, response); - } - } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java index 8c5f9dc0..40c15619 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java @@ -4,10 +4,9 @@ */ package com.jeesite.common.shiro.filter; -import java.io.IOException; - import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import java.io.IOException; /** * 用户权限过滤器 @@ -15,15 +14,15 @@ import javax.servlet.ServletResponse; * @version 2017-03-22 */ public class UserFilter extends org.apache.shiro.web.filter.authc.UserFilter { + + @Override + protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { + return PermissionsFilter.redirectTo403Page(request, response); + } @Override protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { PermissionsFilter.redirectToDefaultPath(request, response); } - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { - return PermissionsFilter.redirectTo403Page(request, response); - } - } diff --git a/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java b/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java index 4ec9bb22..3b491951 100644 --- a/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java +++ b/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java @@ -4,23 +4,16 @@ */ package com.jeesite.modules.config.web; -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; - import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.Ordered; +import javax.servlet.Filter; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; + /** * 将请求协议转换为 https * @author ThinkGem @@ -34,35 +27,23 @@ public class SchemeHttpsConfig { public FilterRegistrationBean schemeFilterRegistrationBean() { FilterRegistrationBean bean = new FilterRegistrationBean<>(); bean.setOrder(Ordered.HIGHEST_PRECEDENCE); - bean.setFilter(new Filter() { - - @Override - public void init(FilterConfig filterConfig) throws ServletException {} + bean.setFilter((request, response, chain) -> { + chain.doFilter(new HttpServletRequestWrapper((HttpServletRequest) request) { + @Override + public String getScheme() { + return "https"; + } - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - chain.doFilter(new HttpServletRequestWrapper((HttpServletRequest) request) { - - @Override - public String getScheme() { - return "https"; + @Override + public StringBuffer getRequestURL() { + StringBuffer sb = super.getRequestURL(); + if ("http:".equals(sb.substring(0, 5))){ + return sb.replace(0, 5, "https:"); + }else{ + return sb; } - - @Override - public StringBuffer getRequestURL() { - StringBuffer sb = super.getRequestURL(); - if ("http:".equals(sb.substring(0, 5))){ - return sb.replace(0, 5, "https:"); - }else{ - return sb; - } - } - - }, response); - } - - @Override - public void destroy() {} + } + }, response); }); bean.addUrlPatterns("/*"); return bean;