diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java index abfe7047..3f80eb1e 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormFilter.java @@ -200,14 +200,6 @@ public class FormFilter extends org.apache.shiro.web.filter.authc.FormAuthentica protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { return (!isLoginRequest(request, response) && isPermissive(mappedValue)); // 不验证登录状态,只验证登录请求 } - - /** - * 跳转登录页时,跳转到默认首页 - */ - @Override - protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { - PermissionsFilter.redirectToDefaultPath(request, response); - } /** * 地址访问接入验证 @@ -255,6 +247,14 @@ public class FormFilter extends org.apache.shiro.web.filter.authc.FormAuthentica boolean isLogin = WebUtils.isTrue(request, LOGIN_PARAM); return super.isLoginSubmission(request, response) || isLogin; } + + /** + * 跳转登录页时,跳转到默认首页 + */ + @Override + protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { + PermissionsFilter.redirectToDefaultPath(request, response); + } /** * 执行登录方法 diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java index bd2ced20..a6ead71f 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/InnerFilter.java @@ -19,15 +19,17 @@ import jakarta.servlet.http.HttpServletRequest; */ public class InnerFilter extends AccessControlFilter { + private static final String[] prefixes = Global.getPropertyToArray("shiro.innerFilterAllowRemoteAddrs", "127.0.0.1"); + @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { boolean result = false; String[] prefixes = (String[])mappedValue; if (prefixes == null){ - prefixes = Global.getPropertyToArray("shiro.innerFilterAllowRemoteAddrs", "127.0.0.1"); + prefixes = InnerFilter.prefixes; } if (prefixes != null && request instanceof HttpServletRequest){ - String ip = request.getRemoteAddr(); + String ip = request.getRemoteAddr() + "]"; for (String prefix : prefixes){ result = StringUtils.startsWithIgnoreCase(ip, StringUtils.trim(prefix)); if (result){ diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java index 945c1fcc..fd361a43 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/PermissionsFilter.java @@ -4,23 +4,21 @@ */ package com.jeesite.common.shiro.filter; -import java.io.IOException; - -import jakarta.servlet.ServletException; -import jakarta.servlet.ServletRequest; -import jakarta.servlet.ServletResponse; -import jakarta.servlet.http.HttpServletRequest; - -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.authz.UnauthorizedException; -import org.apache.shiro.subject.Subject; -import org.apache.shiro.web.util.WebUtils; - import com.jeesite.common.codec.EncodeUtils; import com.jeesite.common.config.Global; import com.jeesite.common.lang.StringUtils; import com.jeesite.common.web.http.ServletUtils; import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import org.apache.shiro.SecurityUtils; +import org.apache.shiro.authz.UnauthorizedException; +import org.apache.shiro.subject.Subject; +import org.apache.shiro.web.util.WebUtils; + +import java.io.IOException; /** * 权限字符串过滤器 @@ -29,11 +27,6 @@ import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper; */ public class PermissionsFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter { - @Override - protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { - PermissionsFilter.redirectToDefaultPath(request, response); - } - @Override protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { return PermissionsFilter.redirectTo403Page(request, response); @@ -99,5 +92,10 @@ public class PermissionsFilter extends org.apache.shiro.web.filter.authz.Permiss WebUtils.issueRedirect(request, response, loginUrl); } } + + @Override + protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { + PermissionsFilter.redirectToDefaultPath(request, response); + } } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java index b713f5aa..17db57ca 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/RolesFilter.java @@ -4,11 +4,11 @@ */ package com.jeesite.common.shiro.filter; -import java.io.IOException; - import jakarta.servlet.ServletRequest; import jakarta.servlet.ServletResponse; +import java.io.IOException; + /** * 角色权限过滤器 * @author ThinkGem @@ -16,14 +16,14 @@ import jakarta.servlet.ServletResponse; */ public class RolesFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter { + @Override + protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { + return PermissionsFilter.redirectTo403Page(request, response); + } + @Override protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { PermissionsFilter.redirectToDefaultPath(request, response); } - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { - return PermissionsFilter.redirectTo403Page(request, response); - } - } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java index 289803d1..89cd2187 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java @@ -4,26 +4,26 @@ */ package com.jeesite.common.shiro.filter; -import java.io.IOException; - import jakarta.servlet.ServletRequest; import jakarta.servlet.ServletResponse; +import java.io.IOException; + /** * 用户权限过滤器 * @author ThinkGem * @version 2017-03-22 */ public class UserFilter extends org.apache.shiro.web.filter.authc.UserFilter { + + @Override + protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { + return PermissionsFilter.redirectTo403Page(request, response); + } @Override protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { PermissionsFilter.redirectToDefaultPath(request, response); } - @Override - protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException { - return PermissionsFilter.redirectTo403Page(request, response); - } - } diff --git a/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java b/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java index 49cf5a6d..9e1a8ca9 100644 --- a/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java +++ b/modules/core/src/main/java/com/jeesite/modules/config/web/SchemeHttpsConfig.java @@ -4,17 +4,9 @@ */ package com.jeesite.modules.config.web; -import java.io.IOException; - import jakarta.servlet.Filter; -import jakarta.servlet.FilterChain; -import jakarta.servlet.FilterConfig; -import jakarta.servlet.ServletException; -import jakarta.servlet.ServletRequest; -import jakarta.servlet.ServletResponse; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequestWrapper; - import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; @@ -34,35 +26,23 @@ public class SchemeHttpsConfig { public FilterRegistrationBean schemeFilterRegistrationBean() { FilterRegistrationBean bean = new FilterRegistrationBean<>(); bean.setOrder(Ordered.HIGHEST_PRECEDENCE); - bean.setFilter(new Filter() { - - @Override - public void init(FilterConfig filterConfig) throws ServletException {} + bean.setFilter((request, response, chain) -> { + chain.doFilter(new HttpServletRequestWrapper((HttpServletRequest) request) { + @Override + public String getScheme() { + return "https"; + } - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - chain.doFilter(new HttpServletRequestWrapper((HttpServletRequest) request) { - - @Override - public String getScheme() { - return "https"; + @Override + public StringBuffer getRequestURL() { + StringBuffer sb = super.getRequestURL(); + if ("http:".equals(sb.substring(0, 5))){ + return sb.replace(0, 5, "https:"); + }else{ + return sb; } - - @Override - public StringBuffer getRequestURL() { - StringBuffer sb = super.getRequestURL(); - if ("http:".equals(sb.substring(0, 5))){ - return sb.replace(0, 5, "https:"); - }else{ - return sb; - } - } - - }, response); - } - - @Override - public void destroy() {} + } + }, response); }); bean.addUrlPatterns("/*"); return bean;