ShiroConfig里面的配置

@Configuration
public class ShiroConfig {
    private static final Logger logger = LoggerFactory.getLogger(ShiroConfig.class);

    @Autowired
    private PasswordMatcher passwordMatcher;

    @Autowired
    private JwtMatcher jwtMatcher;

    /**
     * 获取对shiro bean生命周期的管理实例
     * @return
     */
    @Bean
    public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }


    /**
     * 配置shiroFilter拦截器
     * ShiroFilterFactoryBean 处理拦截资源文件问题。
     * 注意：单独一个ShiroFilterFactoryBean配置是或报错的，因为在
     * 初始化ShiroFilterFactoryBean的时候需要注入：SecurityManager
     *
     * Filter Chain定义说明
     * 1、一个URL可以配置多个Filter，使用逗号分隔
     * 2、当设置多个过滤器时，全部验证通过，才视为通过
     * 3、部分过滤器可指定参数，如perms，roles
     * @param securityManager
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        logger.info("Start==========进入shiroFilter拦截器");
        RestShiroFilterFactoryBean shiroFilterFactoryBean = new RestShiroFilterFactoryBean();
        // 必须设置 SecurityManager
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        // 设置过滤器
        Map<String,Filter> filters = new LinkedHashMap<>();
        UserPasswordFilter userPasswordFilter = new UserPasswordFilter();
        filters.put("auth",userPasswordFilter);
        UserJwtFilter jwtFilter = new UserJwtFilter();
        filters.put("jwt",jwtFilter);
        GameServerFilter gameServerFilter = new GameServerFilter();
        filters.put("game",gameServerFilter);
        shiroFilterFactoryBean.setFilters(filters);

        // 设置过滤规则
        shiroFilterFactoryBean.setFilterChainDefinitionMap(initGetFilterChain());
        return shiroFilterFactoryBean;
    }

    /**
     * 初始化获取过滤链规则
     * @return
     */
    public Map<String,String> initGetFilterChain() {
        Map<String,String> filterChain = new LinkedHashMap<>();
        // -------------anon 默认过滤器忽略的URL
        List<String> defalutAnon = Arrays.asList("/css/**","/js/**","/druid/**",
                "/swagger-resources", "/v2/api-docs", "/v2/api-docs-ext", "/doc.html", "/webjars/**",
                "/user/getDynamicSecretKey", "/user/getSmsCode/**",
                "/gameServer/getGameServerAddr","/gameServer/addGameServerAddr",
                "/activity/getActivityRedTime/**","/activity/robActivityRed");
        defalutAnon.forEach(ignoredUrl -> filterChain.put(ignoredUrl,"anon"));

        // -------------auth 默认需要认证过滤器的URL 走auth--PasswordFilter
        List<String> defalutAuth = Arrays.asList("/user/login", "/user/register");
        defalutAuth.forEach(authUrl -> filterChain.put(authUrl,"auth"));

        // -------------游戏服务器 走game--gameServerFilter
        List<String> defalutGame = Arrays.asList("/gameServer/delGameServerAddr","/gameServer/tokenProving/**",
                "/gameServer/visitorLogin/**");
        defalutGame.forEach(gameUrl -> filterChain.put(gameUrl,"game"));

        // -------------dynamic 动态URL 走jwt--BJwtFilter
        List<String> defalutJwt = Arrays.asList("/**");
        defalutJwt.forEach(jwtUrl -> filterChain.put(jwtUrl,"jwt"));
        return filterChain;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager dwsm = new DefaultWebSecurityManager();
        // 设置授权
        dwsm.setAuthenticator(new AModularRealmAuthenticator());
        // 设置验证规则
        Collection<Realm> realms = new ArrayList<>();
        realms.add(passwordRealm());
        realms.add(jwtRealm());
        dwsm.setRealms(realms);
        //停用shiro的session
        DefaultSubjectDAO subjectDAO = (DefaultSubjectDAO) dwsm.getSubjectDAO();
        DefaultSessionStorageEvaluator evaluator = (DefaultSessionStorageEvaluator) subjectDAO.getSessionStorageEvaluator();
        ASubjectFactory subjectFactory = new ASubjectFactory(evaluator);
        dwsm.setSubjectFactory(subjectFactory);
        SecurityUtils.setSecurityManager(dwsm);
        return dwsm;
    }

    /**
     * password
     * @return
     */
    @Bean
    public UserPasswordRealm passwordRealm(){
        UserPasswordRealm passwordRealm = new UserPasswordRealm();
        passwordRealm.setCredentialsMatcher(passwordMatcher);
        passwordRealm.setAuthenticationTokenClass(UserPasswordToken.class);
        return passwordRealm;
    }

    /**
     * jwt
     * @return
     */
    @Bean
    public JwtRealm jwtRealm(){
        JwtRealm jwtRealm = new JwtRealm();
        jwtRealm.setCredentialsMatcher(jwtMatcher);
        jwtRealm.setAuthenticationTokenClass(JwtToken.class);
        return jwtRealm;
    }


    /**
     *  开启shiro aop注解支持.
     *  使用代理方式;所以需要开启代码支持;
     * @return
     */
    @Bean
    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager());
        return authorizationAttributeSourceAdvisor;
    }