修复记住我请求头过大的问题

springboot3
RuoYi 2024-09-09 10:54:23 +08:00
parent 96bf7d5c17
commit 76fb2cf1f8
3 changed files with 82 additions and 5 deletions


@ -20,8 +20,6 @@ server:
servlet: servlet:
# 应用的访问路径 # 应用的访问路径
context-path: / context-path: /
# http请求头大小
max-http-header-size: 65536
tomcat: tomcat:
# tomcat的URI编码 # tomcat的URI编码
uri-encoding: UTF-8 uri-encoding: UTF-8


@ -13,7 +13,6 @@ import org.apache.shiro.lang.io.ResourceUtils;
import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie; import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
@ -25,6 +24,7 @@ import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.security.CipherUtils; import com.ruoyi.common.utils.security.CipherUtils;
import com.ruoyi.common.utils.spring.SpringUtils; import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.framework.shiro.realm.UserRealm; import com.ruoyi.framework.shiro.realm.UserRealm;
import com.ruoyi.framework.shiro.rememberMe.CustomCookieRememberMeManager;
import com.ruoyi.framework.shiro.session.OnlineSessionDAO; import com.ruoyi.framework.shiro.session.OnlineSessionDAO;
import com.ruoyi.framework.shiro.session.OnlineSessionFactory; import com.ruoyi.framework.shiro.session.OnlineSessionFactory;
import com.ruoyi.framework.shiro.web.CustomShiroFilterFactoryBean; import com.ruoyi.framework.shiro.web.CustomShiroFilterFactoryBean;
@ -361,9 +361,9 @@ public class ShiroConfig
/** /**
* *
*/ */
public CookieRememberMeManager rememberMeManager() public CustomCookieRememberMeManager rememberMeManager()
{ {
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager(); CustomCookieRememberMeManager cookieRememberMeManager = new CustomCookieRememberMeManager();
cookieRememberMeManager.setCookie(rememberMeCookie()); cookieRememberMeManager.setCookie(rememberMeCookie());
if (StringUtils.isNotEmpty(cipherKey)) if (StringUtils.isNotEmpty(cipherKey))
{ {


@ -0,0 +1,79 @@
package com.ruoyi.framework.shiro.rememberMe;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import com.ruoyi.common.core.domain.entity.SysRole;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.utils.spring.SpringUtils;
import com.ruoyi.framework.shiro.service.SysLoginService;
/**
* CookieRememberMeManager
*
* @author ruoyi
*/
public class CustomCookieRememberMeManager extends CookieRememberMeManager
{
/**
* permissionshttp
*/
@Override
protected void rememberIdentity(Subject subject, PrincipalCollection principalCollection)
{
Map<SysRole, Set<String>> rolePermissions = new HashMap<>();
// 清除角色的permissions权限字符串
for (Object principal : principalCollection)
{
if (principal instanceof SysUser)
{
List<SysRole> roles = ((SysUser) principal).getRoles();
for (SysRole role : roles)
{
rolePermissions.put(role, role.getPermissions());
role.setPermissions(null);
}
}
}
byte[] bytes = convertPrincipalsToBytes(principalCollection);
// 恢复角色的permissions权限字符串
for (Object principal : principalCollection)
{
if (principal instanceof SysUser)
{
List<SysRole> roles = ((SysUser) principal).getRoles();
for (SysRole role : roles)
{
role.setPermissions(rolePermissions.get(role));
}
}
}
rememberSerializedIdentity(subject, bytes);
}
/**
* permissions
*/
@Override
public PrincipalCollection getRememberedPrincipals(SubjectContext subjectContext)
{
PrincipalCollection principals = super.getRememberedPrincipals(subjectContext);
if (principals == null || principals.isEmpty())
{
return principals;
}
for (Object principal : principals)
{
if (principal instanceof SysUser)
{
SpringUtils.getBean(SysLoginService.class).setRolePermission((SysUser) principal);
}
}
return principals;
}
}
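Review bot: In `rememberIdentity`, the restore loop runs only when `convertPrincipalsToBytes(principalCollection)` returns normally, so a serialization failure leaves every `SysRole` on the live principal with `permissions` set to null for the rest of the session; put the call in a `try` and the restore loop in its `finally`. Between the two loops the roles are also mutated in place, so if the same `SysUser` objects are reachable from another request thread (not visible in this file), an authorization check at that moment would see no permissions. The save map is keyed by the mutable `SysRole`: if that class overrides `hashCode()` using `permissions`, `rolePermissions.get(role)` misses after `setPermissions(null)`, and `Map<SysRole, Set<String>> rolePermissions = new IdentityHashMap<>();` avoids depending on that. `getRoles()` is iterated in both loops without a null check. In `getRememberedPrincipals`, permissions are reloaded server-side, but the role list still appears to come from the cookie, so unless `setRolePermission` re-reads role membership (not shown here) a role revoked after login stays effective until the cookie expires.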