manager/my-worker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

shiro1.7新增了非法请求过滤器,因为不支持中文URL,所以关闭NonAscii验证。

Browse Source
This commit is contained in:
thinkgem
2020-12-09 19:43:26 +08:00
parent 46a4a3118f
commit f7cf4dc521
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
modules/core/src/main/java/com/jeesite/modules/config/ShiroConfig.java
View File

@@ -13,6 +13,7 @@ import org.apache.shiro.cas.CasSubjectFactory;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.web.filter.InvalidRequestFilter;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
@@ -115,6 +116,15 @@ public class ShiroConfig {
private UserFilter shiroUserFilter() {
return new UserFilter();
}
/**
* 非法请求过滤器
*/
private InvalidRequestFilter invalidRequestFilter() {
InvalidRequestFilter bean = new InvalidRequestFilter();
bean.setBlockNonAscii(false);
return bean;
}
/**
* Shiro认证过滤器
@@ -134,6 +144,7 @@ public class ShiroConfig {
filters.put("perms", shiroPermsFilter());
filters.put("roles", shiroRolesFilter());
filters.put("user", shiroUserFilter());
filters.put("invalidRequest", invalidRequestFilter());
FilterChainDefinitionMap chains = new FilterChainDefinitionMap();
chains.setFilterChainDefinitions(Global.getProperty("shiro.filterChainDefinitions"));
chains.setDefaultFilterChainDefinitions(Global.getProperty("shiro.defaultFilterChainDefinitions"));