首頁新隨筆新文章聯(lián)系聚合

posts - 25,comments - 0,trackbacks - 0

2025年6月

>

日

一

二

三

四

五

六

25

26

27

28

29

30

31

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

1

2

3

4

5

常用鏈接

留言簿(1)

隨筆檔案

文章檔案

搜索

閱讀排行榜

評論排行榜

J-Hi Dwz 附件上傳類型

摘要: Code highlighting produced by Actipro CodeHighlighter (freeware) http://www.CodeHighlighter.com/ --> 1 <dl> 2 &nbs... 閱讀全文

posted @ 2012-03-04 17:33 周磊閱讀(2937) | 評論 (0) | 編輯收藏

shiro1.2學習筆記

org.apache.shiro.web.filter.mgt.DefaultFilter
默認的內(nèi)置攔截器

anon(AnonymousFilter.class),

authc(FormAuthenticationFilter.class),

authcBasic(BasicHttpAuthenticationFilter.class),

logout(LogoutFilter.class),

noSessionCreation(NoSessionCreationFilter.class),

perms(PermissionsAuthorizationFilter.class),

port(PortFilter.class),

rest(HttpMethodPermissionFilter.class),

roles(RolesAuthorizationFilter.class),

ssl(SslFilter.class),

user(UserFilter.class);

anno 允許匿名訪問，

Filter that allows access to a path immeidately without performing security checks of any kind.

This filter is useful primarily in exclusionary policies, where you have defined a url pattern to require a certain security level, but maybe only subset of urls in that pattern should allow any access.

For example, if you had a user-only section of a website, you might want to require that access to any url in that section must be from an authenticated user.

Here is how that would look in the IniShiroFilter configuration:

[urls] /user/** = authc

But if you wanted /user/signup/** to be available to anyone, you have to exclude that path since it is a subset of the first. This is where the AnonymousFilter ('anon') is useful:

[urls] /user/signup/** = anon /user/** = authc>

Since the url pattern definitions follow a 'first match wins' paradigm, the anon filter will match the /user/signup/** paths and the /user/** path chain will not be evaluated.

posted @ 2012-03-03 23:52 周磊閱讀(987) | 評論 (0) | 編輯收藏

[收集整理] Shiro