premise
now do a separate front and rear application, use shiro as permission control in the background, use jwt
instead of session"s stateless web application, customize a shiro filter.url with restful
style. All interfaces url begin with / api
. I want all url, starting with / api
to go to my custom filter.
question
now I have four rul:
-
/ api/user/1
-- GET -
/ api/user
-- POST -
/ api/user
-- PATCH -
/ api/user
-- PUT
now I just want to control the permissions of the POST
method. I don"t know how to control the filter,shiro that I customized.
the configuration of my custom filter in shiro.xml is as follows:
<value>
/api/**=jwt
/**=anon
</value>
</property>
</bean>
I just thought about not configuring / api/**=jwt
, and then adding @ RequiresAuthentication
to the method, but in this way, that method does not follow my JWTFilter
, how to make the url that needs authentication follow my custom filter, how to configure and solve. Thank you.