From this section, start to learn the access control of the request, that is, the restriction of each user's access, which determines whether the URL can be accessed for a specific user according to the role and permissions of the configured user.
We start with shiroFilterFactoryBean .
This class is the real filter. The DelegatingFilterProxy we configured in web.xml is actually the proxy. When each request comes, the fitter of the proxy will forward the request to the real filter, but the real filter The filter interface is not implemented. What he puts in the spring context is a filter - SpringShiroFilter, because the value returned by his getObject method is a SpringShiroFilter, the source code:
public Object getObject() throws Exception {
if (instance == null) {
instance = createInstance();
}
return instance;
}
And the class you put in is also this class:
public Class getObjectType() {
return SpringShiroFilter.class;
}
So the DelegatingFilterProxy we configured actually forwarded Qingqiu to this SpringShiroFilter. This class is actually an AbstractShiroFilter. All the running code is in this class. The introduction of this class is in the following filter chapter.
shiroFilterFactoryBean has two attributes: one is filter , which is a map , which is used to store all the filters in the spring context . The key is the beanname of the filter , and the value is the filter . The program will subclass all the filters in the spring context . into this map . Another property is filterChainDefinitionMap , which is used to store the name of the placed path magic board and filter. But I don't understand how it is agreed in the end, if I configure the key , such as the following, it will report an error
<propertyname="filterChainDefinitions">
<map>
<entrykey="NO1"value="/visit=checkAuthenticatedFilter[a,b,3]"/>
<entrykey="NO2"value="/visit2=checkAuthenticatedFilter[C,D,4]"/>
</map>
</property>
Or configure it according to the example that others have done successfully. If the configuration is as follows,
<property name="filterChainDefinitions">
<value>
/visit=checkAuthenticatedFilter[a,b] // There must be a newline character here, but there must be no \t (tab character, it will make an error), it doesn't matter if there is a space, it will be deleted.
/ visit2 = checkAuthenticatedFilter [c, d]
</value>
</property>
When he is converted to filterChainDefinitionMap :
/visit=checkAuthenticatedFilter[a,b], /visit2=checkAuthenticatedFilter[c,d] This is what I saw when I debugged. It can be found that he changed the newline character into a separator, and then changed the equal sign into key and value mark. Then call the generated DefaultFilterChainManager .