public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 设置securityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 登录的url
shiroFilterFactoryBean.setLoginUrl("/login");
// 登录成功后跳转的url
shiroFilterFactoryBean.setSuccessUrl("/index");
// 未授权url
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
LinkedHashMap<String, String> filterChain = new LinkedHashMap<>();
// 定义filterChain,静态资源不拦截
filterChain.put("/css/**", "anon");
filterChain.put("/js/**", "anon");
filterChain.put("/fonts/**", "anon");
filterChain.put("/img/**", "anon");
filterChain.put("/druid/**", "anon");
filterChain.put("/login", "anon");
// 配置退出过滤器,其中具体的退出代码Shiro已经替我们实现了
filterChain.put("/logout/**", "logout");
filterChain.put("/", "anon");
// 除上以外所有url都必须认证通过才可以访问,未通过认证自动访问LoginUrl
filterChain.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChain);
return shiroFilterFactoryBean;
}
这个filterChain.put("/", "anon");配置是什么意思