<ehcache updateCheck="false" name="shiroCache">    <defaultCache            maxElementsInMemory="10000"            eternal="false"            timeToIdleSeconds="120"            timeToLiveSeconds="120"            overflowToDisk="false"            diskPersistent="false"            diskExpiryThreadIntervalSeconds="120"            /></ehcache>

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd"       default-lazy-init="true">    <description>Shiro</description>    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">        <!-- Single realm app.  If you have multiple realms, use the ‘realms‘ property instead. -->        <property name="realm" ref="authRealm"/>        <!-- 二级缓存 -->        <property name="cacheManager" ref="shiroEhcacheManager"/>    </bean>    <!-- 自定义权限认证 -->    <bean id="authRealm" class="cn.xxxx.jk.shiro.AuthRealm">		<property name="userService" ref="userService"/>		<property name="credentialsMatcher" ref="passwordMatcher"/>	</bean>		<!-- 自定义加密策略 -->	<bean id="passwordMatcher" class="cn.xxxx.jk.shiro.CustomCredentialsMatcher"/>    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">        <property name="securityManager" ref="securityManager"/>        <property name="loginUrl" value="http://www.mamicode.com/index.jsp"></property>        <!-- 没有权限或者失败后跳转的页面 -->        <property name="successUrl" value="http://www.mamicode.com/home.action"></property>        <property name="filterChainDefinitions">            <!-- , roles[admin], perms[document:read]-->            <value>				/index.jsp* = anon				/home* = anon				/sysadmin/login/login.jsp* = anon				/sysadmin/login/logout.jsp* = anon				/login* = anon				/logout* = anon								/*.* = authc				/resource/** = anon            </value>        </property>    </bean>    <!-- 用户授权/认证信息Cache, 采用EhCache  缓存 -->    <bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">        <property name="cacheManagerConfigFile" value="http://www.mamicode.com/classpath:ehcache-shiro.xml"/>    </bean>    <!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>    <!-- 生成代理，通过代理进行控制 -->    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"          depends-on="lifecycleBeanPostProcessor">        <property name="proxyTargetClass" value="http://www.mamicode.com/true"/>    </bean>        <!-- 安全管理器 -->    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">        <property name="securityManager" ref="securityManager"/>    </bean></beans>