Apache Shiro Web运用过滤器 _Web前端

Apache Shiro Web应用过滤器

Shiro中一些默认的过滤器：

Filter Name	Class
anon	org.apache.shiro.web.filter.authc.AnonymousFilter
authc	org.apache.shiro.web.filter.authc.FormAuthenticationFilter
authcBasic	org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter
logout	org.apache.shiro.web.filter.authc.LogoutFilter
noSessionCreation	org.apache.shiro.web.filter.session.NoSessionCreationFilter
perms	org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter
port	org.apache.shiro.web.filter.authz.PortFilter
rest	org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter
roles	org.apache.shiro.web.filter.authz.RolesAuthorizationFilter
ssl	org.apache.shiro.web.filter.authz.SslFilter
user	org.apache.shiro.web.filter.authc.UserFilter

一般为所有的请求启用或禁用一个过滤器是通过设置其enabled 属性为true 或false。默认的设置是true，因为如果他们被配置在一个过滤器链中则本质上是需要执行的。禁用过滤器的例子如下：

[main]

…

# configure Shiro's default 'ssl' filter to be disabled while testing:

ssl.enabled = false

[urls]

…

/some/path = ssl, authc

/another/path = ssl, roles[admin]

…