Jfaker與Shiro是如何集成的

從Web.xml入手。代碼片斷：

<context-param>
    <param-name>shiroEnvironmentClass</param-name>
    <param-value>com.jfaker.framework.security.shiro.ShiroIniWebEnvironment</param-value>
  </context-param>
  <context-param>
    <param-name>shiroConfigLocations</param-name>
    <param-value>classpath:jfaker-shiro.ini</param-value>
  </context-param>
  <listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
  </listener>
  <filter>
        <filter-name>shiroFilter</filter-name>
        <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
  </filter>

須要留意的是com.jfaker.framework.security.shiro.ShiroIniWebEnvironment

該類繼承IniWebEnvironment ，並以init方法做爲着手點。

        public void init() {
               super.init();
               FilterChainResolver resolver = getFilterChainResolver();
               if(resolver != null && resolver instanceof PathMatchingFilterChainResolver) {
                       PathMatchingFilterChainResolver pathResolver = (PathMatchingFilterChainResolver)resolver;
                       ShiroPlugin.setFilterChainManager(pathResolver.getFilterChainManager());
               }
       }

因爲採用路徑匹配的方式進行受權管控，經過ShiroPlugin插件做爲中介與JFinal集成。並把FilterChainManager傳遞到ShiroPlugin，再由JFinal從數據庫加載全部配置好的URL及權限信息到Shiro。

public class ShiroPlugin implements IPlugin {
        private static Logger log = LoggerFactory.getLogger(ShiroPlugin.class);
        public static final String PREMISSION_FORMAT = "perms[\"{0}\"]";
        private static FilterChainManager manager = null;
        @Override
        public boolean start() {
               if(manager == null) return false;
               List<Resource> resources = Resource.dao.getWithAuthAll();
               for(Resource resource : resources) {
                       String source = resource.getStr("source");
                       String authority = resource.getStr("authorityName");
                       if(StringUtils.isEmpty(source)) {
                               continue;
                       }
                       if(source.indexOf(";") != -1) {
                               String[] sources = source.split(";");
                               for(String singleSource : sources) {
                                      createChain(manager, singleSource, authority);
                               }
                       } else {
                               createChain(manager, source, authority);
                       }
               }
               manager.createChain("/**", "user");
               return true;
        }
 
        @Override
        public boolean stop() {
               return true;
        }
        
        private void createChain(FilterChainManager manager, String key, String value) {
            log.info("add authority url[url=" + key + "\tvalue=" + value + "]");
            manager.createChain(key, MessageFormat.format(PREMISSION_FORMAT, value));
        }
 
        public static void setFilterChainManager(FilterChainManager manager) {
               ShiroPlugin.manager = manager;
        }
}

大概的流程如圖：

不知理解是否正確，請你們批評指正。