@Override
public void onStartup(ServletContext servletContext) throws ServletException {
Map<String, String> filterChainDefinitionMap = Application.getSecurityFilterChainDefinitionMap();
filterChainDefinitionMap.put("/admin", DefaultFilter.authc.name());
filterChainDefinitionMap.put("/admin/logout", DefaultFilter.logout.name());
filterChainDefinitionMap.put("/admin/**", DefaultFilter.authc.name());
List<Filter> filters = Application.getFilters();
DelegatingFilterProxy shiroFilter = new DelegatingFilterProxy("shiroFilter");
shiroFilter.setTargetFilterLifecycle(true);
filters.add(shiroFilter);
filters.add(new RequestContextFilter());
filters.add(new CharacterEncodingFilter("UTF-8", true));
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean shiroFilter() {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl("/admin");
shiroFilterFactoryBean.setSuccessUrl("/admin");
shiroFilterFactoryBean.setUnauthorizedUrl("/error");
Map<String, Filter> filters = Application.getSecurityfilters();
AjaxAuthenticationFilter ajaxAuthenticationFilter = new AjaxAuthenticationFilter();
ajaxAuthenticationFilter.setRobotPrevention(new CaptchaRobotPrevention());
filters.put(DefaultFilter.authc.name(), ajaxAuthenticationFilter);
shiroFilterFactoryBean.setFilters(filters);
shiroFilterFactoryBean.setFilterChainDefinitionMap(Application.getSecurityFilterChainDefinitionMap());
return shiroFilterFactoryBean;
}
