重命名类 CasAuthenticationFilter 为 CasFilter；FormAuthenticationFilter 为

FormFilter；PermissionsAuthorizationFilter 为
PermissionsFilter；RolesAuthorizationFilter 为
RolesFilter

modules/core/src/main/java/com/jeesite/common/shiro/filter/CasFilter.java

@@ -15,7 +15,7 @@ import org.apache.shiro.web.util.WebUtils;
 
 import com.jeesite.common.lang.ExceptionUtils;
 import com.jeesite.common.lang.StringUtils;
-import com.jeesite.common.shiro.realm.CasAuthorizingRealm;
+import com.jeesite.common.shiro.realm.BaseAuthorizingRealm;
 
 /**
  * CAS过滤器
@@ -23,14 +23,14 @@ import com.jeesite.common.shiro.realm.CasAuthorizingRealm;
  * @version 2020-9-19
  */
 @SuppressWarnings("deprecation")
-public class CasAuthenticationFilter extends org.apache.shiro.cas.CasFilter {
+public class CasFilter extends org.apache.shiro.cas.CasFilter {
 	
 	/**
 	 * 登录成功调用事件
 	 */
 	@Override
 	protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
-		return FormAuthenticationFilter.onLoginSuccess((HttpServletRequest)request, (HttpServletResponse)response);
+		return FormFilter.onLoginSuccess((HttpServletRequest)request, (HttpServletResponse)response);
 	}
 	
 	/**
@@ -64,7 +64,7 @@ public class CasAuthenticationFilter extends org.apache.shiro.cas.CasFilter {
 		}
 	}
 
-	public void setAuthorizingRealm(CasAuthorizingRealm authorizingRealm) {
+	public void setAuthorizingRealm(BaseAuthorizingRealm authorizingRealm) {
 		
 	}
 

modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java

@@ -48,7 +48,7 @@ import com.jeesite.modules.sys.utils.ValidCodeUtils;
  * @author ThinkGem
  * @version 2020-9-19
  */
-public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {
+public class FormFilter extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {
 
 	public static final String CAPTCHA_PARAM = "validCode"; 					// 验证码
 	public static final String MESSAGE_PARAM = "message"; 						// 登录返回消息
@@ -56,8 +56,8 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.
 	public static final String EXCEPTION_ATTRIBUTE_NAME = "exception"; 			// 异常类属性名
     public static final String LOGIN_PARAM = "__login";							// 支持GET方式登录的参数
 	
-	private static final Logger logger = LoggerFactory.getLogger(FormAuthenticationFilter.class);
+	private static final Logger logger = LoggerFactory.getLogger(FormFilter.class);
-	private static FormAuthenticationFilter instance;
+	private static FormFilter instance;
 	
 	private BaseAuthorizingRealm authorizingRealm;
 	private Cookie rememberUserCodeCookie; 	// 记住用户名Cookie
@@ -65,7 +65,7 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.
 	/**
 	 * 构造方法
 	 */
-	public FormAuthenticationFilter() {
+	public FormFilter() {
 		super();
 		rememberUserCodeCookie = new SimpleCookie();
 		rememberUserCodeCookie.setName(REMEMBER_USERCODE_PARAM);
@@ -193,7 +193,7 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.
 	 */
 	@Override
 	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
-		PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
+		PermissionsFilter.redirectToDefaultPath(request, response);
 	}
 
 	/**

modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java

@@ -41,7 +41,7 @@ public class InnerFilter extends AccessControlFilter {
 
 	@Override
 	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
-		return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
+		return PermissionsFilter.redirectTo403Page(request, response);
 	}
 	
 }

modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java

@@ -26,16 +26,16 @@ import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper;
  * @author ThinkGem
  * @version 2017-03-22
  */
-public class PermissionsAuthorizationFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter {
+public class PermissionsFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter {
 
 	@Override
 	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
-		PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
+		PermissionsFilter.redirectToDefaultPath(request, response);
 	}
 	
 	@Override
 	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
-        return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
+        return PermissionsFilter.redirectTo403Page(request, response);
     }
 	
 	/**

modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java

@@ -13,16 +13,16 @@ import javax.servlet.ServletResponse;
  * @author ThinkGem
  * @version 2017-03-22
  */
-public class RolesAuthorizationFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter {
+public class RolesFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter {
 
 	@Override
 	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
-		PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
+		PermissionsFilter.redirectToDefaultPath(request, response);
 	}
 	
 	@Override
 	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
-		return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
+		return PermissionsFilter.redirectTo403Page(request, response);
     }
 	
 }

modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java

@@ -17,12 +17,12 @@ public class UserFilter extends org.apache.shiro.web.filter.authc.UserFilter {
 
 	@Override
 	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
-		PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
+		PermissionsFilter.redirectToDefaultPath(request, response);
 	}
 	
 	@Override
 	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
-        return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
+        return PermissionsFilter.redirectTo403Page(request, response);
     }
 	
 }

modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java

@@ -20,7 +20,7 @@ import com.jeesite.modules.sys.utils.LogUtils;
 import com.jeesite.modules.sys.utils.UserUtils;
 
 /**
- * 系统安全认证实现类
+ * 系统认证授权实现类
  * @author ThinkGem
  * @version 2018-7-11
  */

modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java

@@ -36,7 +36,7 @@ import com.jeesite.modules.sys.utils.LogUtils;
 import com.jeesite.modules.sys.utils.UserUtils;
 
 /**
- * 系统安全认证实现类
+ * 系统认证授权实现类
  * @author ThinkGem
  * @version 2020-9-19
  */
@@ -175,7 +175,7 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm  {
 	@Override
 	protected void assertCredentialsMatch(AuthenticationToken authcToken,
 			AuthenticationInfo info) throws AuthenticationException {
-		// CAS的Ticket已经在doGetAuthenticationInfo()认证过了，这里就不验证身份了
+		// 已经在 getFormToken 认证过了，这里就不验证身份了
 	}
 	
 	@Override

modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java

@@ -26,12 +26,12 @@ import com.jeesite.common.collect.ListUtils;
 import com.jeesite.common.config.Global;
 import com.jeesite.common.shiro.cas.CasOutHandler;
 import com.jeesite.common.shiro.config.FilterChainDefinitionMap;
-import com.jeesite.common.shiro.filter.CasAuthenticationFilter;
+import com.jeesite.common.shiro.filter.CasFilter;
-import com.jeesite.common.shiro.filter.FormAuthenticationFilter;
+import com.jeesite.common.shiro.filter.FormFilter;
 import com.jeesite.common.shiro.filter.InnerFilter;
 import com.jeesite.common.shiro.filter.LogoutFilter;
-import com.jeesite.common.shiro.filter.PermissionsAuthorizationFilter;
+import com.jeesite.common.shiro.filter.PermissionsFilter;
-import com.jeesite.common.shiro.filter.RolesAuthorizationFilter;
+import com.jeesite.common.shiro.filter.RolesFilter;
 import com.jeesite.common.shiro.filter.UserFilter;
 import com.jeesite.common.shiro.realm.AuthorizingRealm;
 import com.jeesite.common.shiro.realm.CasAuthorizingRealm;
@@ -43,7 +43,7 @@ import com.jeesite.common.shiro.web.WebSecurityManager;
 /**
  * Shiro配置
  * @author ThinkGem
- * @version 2018-7-11
+ * @version 2021-7-6
  */
 @SuppressWarnings("deprecation")
 @Configuration(proxyBeanMethods = false)
@@ -72,8 +72,8 @@ public class ShiroConfig {
 	/**
 	 * CAS登录过滤器
 	 */
-	private CasAuthenticationFilter shiroCasFilter(CasAuthorizingRealm casAuthorizingRealm) {
+	private CasFilter shiroCasFilter(CasAuthorizingRealm casAuthorizingRealm) {
-		CasAuthenticationFilter bean = new CasAuthenticationFilter();
+		CasFilter bean = new CasFilter();
 		bean.setAuthorizingRealm(casAuthorizingRealm);
 		return bean;
 	}
@@ -81,8 +81,8 @@ public class ShiroConfig {
 	/**
 	 * Form登录过滤器
 	 */
-	private FormAuthenticationFilter shiroAuthcFilter(AuthorizingRealm authorizingRealm) {
+	private FormFilter shiroAuthcFilter(AuthorizingRealm authorizingRealm) {
-		FormAuthenticationFilter bean = new FormAuthenticationFilter();
+		FormFilter bean = new FormFilter();
 		bean.setAuthorizingRealm(authorizingRealm);
 		return bean;
 	}
@@ -99,15 +99,15 @@ public class ShiroConfig {
 	/**
 	 * 权限字符串过滤器
 	 */
-	private PermissionsAuthorizationFilter shiroPermsFilter() {
+	private PermissionsFilter shiroPermsFilter() {
-		return new PermissionsAuthorizationFilter();
+		return new PermissionsFilter();
 	}
 
 	/**
 	 * 角色权限过滤器
 	 */
-	private RolesAuthorizationFilter shiroRolesFilter() {
+	private RolesFilter shiroRolesFilter() {
-		return new RolesAuthorizationFilter();
+		return new RolesFilter();
 	}
 
 	/**
@@ -130,8 +130,8 @@ public class ShiroConfig {
 	 * Shiro认证过滤器
 	 */
 	@Bean
-	public ShiroFilterFactoryBean shiroFilter(WebSecurityManager webSecurityManager,
+	public ShiroFilterFactoryBean shiroFilter(WebSecurityManager webSecurityManager, AuthorizingRealm authorizingRealm, 
-			AuthorizingRealm authorizingRealm, CasAuthorizingRealm casAuthorizingRealm) {
+			CasAuthorizingRealm casAuthorizingRealm) {
 		ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
 		bean.setSecurityManager(webSecurityManager);
 		bean.setLoginUrl(Global.getProperty("shiro.loginUrl"));
@@ -171,7 +171,7 @@ public class ShiroConfig {
 	}
 	
 	/**
-	 * 系统安全认证实现类
+	 * CAS安全认证实现类
 	 */
 	@Bean
 	public CasAuthorizingRealm casAuthorizingRealm(SessionDAO sessionDAO, CasOutHandler casOutHandler) {
@@ -187,9 +187,8 @@ public class ShiroConfig {
 	 * 定义Shiro安全管理配置
 	 */
 	@Bean
-	public WebSecurityManager webSecurityManager(AuthorizingRealm authorizingRealm,
+	public WebSecurityManager webSecurityManager(AuthorizingRealm authorizingRealm, CasAuthorizingRealm casAuthorizingRealm,
-			CasAuthorizingRealm casAuthorizingRealm, SessionManager sessionManager,
+			SessionManager sessionManager, CacheManager shiroCacheManager) {
-			CacheManager shiroCacheManager) {
 		WebSecurityManager bean = new WebSecurityManager();
 		Collection<Realm> realms = ListUtils.newArrayList();
 		realms.add(authorizingRealm); // 第一个为权限授权控制类
@@ -197,9 +196,8 @@ public class ShiroConfig {
 		bean.setRealms(realms);
 		bean.setSessionManager(sessionManager);
 		bean.setCacheManager(shiroCacheManager);
-		//bean.setRememberMeManager(null); // 关闭 RememberMe
-		// 设置支持CAS的subjectFactory
 		bean.setSubjectFactory(new CasSubjectFactory());
+		//bean.setRememberMeManager(null); // 关闭 RememberMe
 		return bean;
 	}
 	

modules/core/src/main/java/com/jeesite/modules/sys/web/AccountController.java

@@ -27,7 +27,7 @@ import com.jeesite.common.msg.EmailUtils;
 import com.jeesite.common.msg.SmsUtils;
 import com.jeesite.common.service.ServiceException;
 import com.jeesite.common.shiro.authc.FormToken;
-import com.jeesite.common.shiro.filter.FormAuthenticationFilter;
+import com.jeesite.common.shiro.filter.FormFilter;
 import com.jeesite.common.web.BaseController;
 import com.jeesite.modules.sys.entity.User;
 import com.jeesite.modules.sys.service.UserService;
@@ -88,7 +88,7 @@ public class AccountController extends BaseController{
 		if (!Global.getConfigToBoolean("user.loginByValidCode", "true")) {
 			return renderResult(Global.FALSE, "验证码登录未开启，请设置：user.loginByValidCode=true");
 		}
-		FormToken formToken = FormAuthenticationFilter.newToken(request, response);
+		FormToken formToken = FormFilter.newToken(request, response);
 		String s = validValidCode("login", formToken.getUsername(), loginValidCode, request);
 		if (s != null) {
 			return s;
@@ -97,9 +97,9 @@ public class AccountController extends BaseController{
 		try {
 			formToken.setInnerLogin(true); // 因为手机验证码已验证，所以无需再进行验证密码
 			UserUtils.getSubject().login(formToken);
-			FormAuthenticationFilter.onLoginSuccess(request, response);
+			FormFilter.onLoginSuccess(request, response);
         } catch (AuthenticationException e) {
-        	FormAuthenticationFilter.onLoginFailure(e, request, response);
+        	FormFilter.onLoginFailure(e, request, response);
         }
 		return null;
 	}

modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java

@@ -23,7 +23,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 import com.fasterxml.jackson.annotation.JsonView;
 import com.jeesite.common.config.Global;
 import com.jeesite.common.lang.StringUtils;
-import com.jeesite.common.shiro.filter.FormAuthenticationFilter;
+import com.jeesite.common.shiro.filter.FormFilter;
 import com.jeesite.common.shiro.realm.BaseAuthorizingRealm;
 import com.jeesite.common.shiro.realm.LoginInfo;
 import com.jeesite.common.web.BaseController;
@@ -72,7 +72,7 @@ public class LoginController extends BaseController{
 		}
 
 		// 获取登录数据
-		model.addAllAttributes(FormAuthenticationFilter.getLoginData(request, response));
+		model.addAllAttributes(FormFilter.getLoginData(request, response));
 		
 		// 如果是Ajax请求，返回Json字符串。
 		if (ServletUtils.isAjaxRequest((HttpServletRequest)request)){
@@ -109,7 +109,7 @@ public class LoginController extends BaseController{
 		}
 		
 		// 获取登录失败数据
-		model.addAllAttributes(FormAuthenticationFilter.getLoginFailureData(request, response));
+		model.addAllAttributes(FormFilter.getLoginFailureData(request, response));
 		
 		// 如果是Ajax请求，返回Json字符串。
 		if (ServletUtils.isAjaxRequest(request)){

modules/core/src/main/java/com/jeesite/modules/sys/web/SsoController.java

@@ -18,7 +18,7 @@ import com.jeesite.common.codec.EncodeUtils;
 import com.jeesite.common.config.Global;
 import com.jeesite.common.lang.ObjectUtils;
 import com.jeesite.common.shiro.authc.FormToken;
-import com.jeesite.common.shiro.filter.FormAuthenticationFilter;
+import com.jeesite.common.shiro.filter.FormFilter;
 import com.jeesite.common.web.BaseController;
 import com.jeesite.common.web.http.ServletUtils;
 import com.jeesite.modules.sys.entity.User;
@@ -67,9 +67,9 @@ public class SsoController extends BaseController{
 				// FormToken 构造方法的三个参数：登录名、单点登录的令牌秘钥、请求对象
 				UserUtils.getSubject().login(new FormToken(username, token, request));
 				request.setAttribute("__url", EncodeUtils.decodeUrl2(url));
-				FormAuthenticationFilter.onLoginSuccess(request, response);
+				FormFilter.onLoginSuccess(request, response);
 	        } catch (AuthenticationException e) {
-	        	FormAuthenticationFilter.onLoginFailure(e, request, response);
+	        	FormFilter.onLoginFailure(e, request, response);
 	        }
 			return null;
 		}

modules/core/src/main/resources/config/logger-core.xml

@@ -43,7 +43,7 @@
 	<logger name="com.jeesite.common.io.FileUtils" level="INFO" />
 	<logger name="com.jeesite.modules.sys.dao.LogDao" level="INFO" />
 	
-	<!-- Production profile -->
+	<!-- Production profile
 	<springProfile name="prod">
 		<logger name="org.mybatis.spring.transaction" level="INFO" />
 		<logger name="org.flowable.ui.modeler.domain" level="INFO" />
@@ -54,6 +54,6 @@
 		<logger name="org.flowable.engine.impl.persistence" level="INFO" />
 		<logger name="com.jeesite" level="INFO" />
 		<logger name="com.jeesite.common.mybatis.mapper" level="INFO" />
-	</springProfile>
+	</springProfile> -->
 	
 </included>