美文网首页
技术知识总结 2022-2,3

技术知识总结 2022-2,3

作者: 烟囱 | 来源:发表于2022-03-19 21:00 被阅读0次

    shiro-redis

    直接引入

            <dependency>
                <groupId>org.crazycake</groupId>
                <artifactId>shiro-redis</artifactId>
                <version>3.2.1</version>
            </dependency>
    

    需要自定义逻辑的话,一些关键的实现(代码节选)
    自定义认证和授权

            AuthorizingRealm myRealm = new AuthorizingRealm (){
                @Override
                protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
                    // 自定义认证逻辑...
                    return new SimpleAuthenticationInfo();
                }
    
                @Override
                protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
                    // 自定义授权逻辑...
                    return new SimpleAuthorizationInfo();
                }
            };
    
    

    自定义过滤器

    public class KickoutSessionFilter extends FormAuthenticationFilter {
    
        @Override
        protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object o) {
            return false;
        }
    
        @Override
        protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
            // 过滤处理...
            return false;
        }
    }
    

    同时在ShiroConfig中配置上面的过滤器

        @Bean
        public ShiroFilterFactoryBean shiroFilter(DefaultWebSecurityManager securityManager) {
            ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
            shiroFilterFactoryBean.setSecurityManager(securityManager);
    
            // 自定义过滤
            Map<String, Filter> filterMap = shiroFilterFactoryBean.getFilters();
            KickoutSessionFilter kickoutSessionFilter = new KickoutSessionFilter();
            kickoutSessionFilter.setLoginUrl("/api/user/login");
    
            filterMap.put("oauth2", kickoutSessionFilter);
            shiroFilterFactoryBean.setFilters(filterMap);
            shiroFilterFactoryBean.setLoginUrl("/api/user/login");
            shiroFilterFactoryBean.setSuccessUrl("/");
    
            //注意此处使用的是LinkedHashMap,是有顺序的,shiro会按从上到下的顺序匹配验证,匹配了就不再继续验证
            //所以上面的url要苛刻,宽松的url要放在下面,尤其是"/**"要放到最下面,如果放前面的话其后的验证规则就没作用了。
            Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
    
            filterChainDefinitionMap.put("/xxxx/xxxx", "oauth2");
            filterChainDefinitionMap.put("/**", "anon");
    
            shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
            return shiroFilterFactoryBean;
        }
    

    nginx 默认参数

    client_max_body_size 默认为 1m
    有上传文件操作的服务涉及到转发时 要注意这个值的设置

    yapi

    研究中

    dockerfile

    研究中

    JAVA获取客户端ip

    public static String getRemoteAddr(HttpServletRequest request) {  
            return request.getRemoteAddr();
    }
    

    在使用代理的情况下,可通过获取header中的属性

    String[] HEADERS_TO_TRY = {   
            "X-Forwarded-For",  
            "Proxy-Client-IP",  
            "WL-Proxy-Client-IP",  
            "HTTP_X_FORWARDED_FOR",  
            "HTTP_X_FORWARDED",  
            "HTTP_X_CLUSTER_CLIENT_IP",  
            "HTTP_CLIENT_IP",  
            "HTTP_FORWARDED_FOR",  
            "HTTP_FORWARDED",  
            "HTTP_VIA",  
            "REMOTE_ADDR",  
            "X-Real-IP"}; 
    

    其他实际问题

    SpringBoot HikariPool 第一次连接超时

    相关文章

      网友评论

          本文标题:技术知识总结 2022-2,3

          本文链接:https://www.haomeiwen.com/subject/xicvdrtx.html