转载地址:https://blog.csdn.net/football98/article/details/76660920
当使用shiro框架进行权限控制时,如果没有登录或者session失效,此时发起的ajax请求不会让页面跳转回登录页面(重定向响应由ajax请求自身接收,浏览器页面不会随之跳转),只是得不到正确的返回结果。
因此,需要对ajax请求进行特殊处理。
1、重写FormAuthenticationFilter类的onAccessDenied方法,让其根据不同的请求方式返回不同的结果。
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.PrintWriter;
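/**
 * Form authentication filter that answers unauthenticated AJAX form posts
 * with a small JSON marker instead of a redirect to the login page.
 *
 * <p>A redirect is consumed by the AJAX request itself, so the page never
 * navigates to the login page. Returning {@code {"isOver" : true }} lets the
 * client script detect the expired session and navigate on its own.
 */
public class ShiroFormAuthenticationFilter extends FormAuthenticationFilter {

    /** Media type used to recognise the requests that receive the JSON marker. */
    private static final String FORM_CONTENT_TYPE = "application/x-www-form-urlencoded";

    /**
     * Handles a request that reached a protected resource without an authenticated subject.
     *
     * @param request  the incoming request
     * @param response the outgoing response
     * @return {@code true} when the request may continue down the filter chain (login page
     *         display, or the result of {@code executeLogin} on a login submission);
     *         {@code false} when this filter has already written the response
     * @throws Exception propagated from the login attempt, the response writer or the redirect
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (this.isLoginRequest(request, response)) {
            if (this.isLoginSubmission(request, response)) {
                return this.executeLogin(request, response);
            }
            // Plain request for the login page: let it through so the page can render.
            return true;
        }

        // The Content-Type header is supplied by the client. It only selects the shape of the
        // denial (JSON marker or redirect); access is refused on both paths below.
        // Caveats: an ordinary browser form post carries the same media type and receives the
        // JSON marker too, while requests without this header (for example a GET) are redirected.
        String contentType = ((HttpServletRequest) request).getHeader("Content-Type");
        if (isFormEncoded(contentType)) {
            // The status stays at the container default because the client on this page reads
            // the marker from a successful response.
            // NOTE(review): no response Content-Type is set here; clients parse the body as
            // JSON themselves.
            response.setCharacterEncoding("UTF-8");
            PrintWriter out = response.getWriter();
            out.print("{\"isOver\" : true }");
            out.flush();
            out.close();
        } else {
            this.saveRequestAndRedirectToLogin(request, response);
        }
        return false;
    }

    /**
     * Tells whether a Content-Type header value names the form-encoded media type.
     *
     * <p>Parameters such as {@code ; charset=UTF-8} and differences in letter case are ignored.
     * An exact string comparison would miss those values and fall back to the redirect.
     *
     * @param contentType raw header value, may be {@code null}
     * @return {@code true} when the media type part equals {@code application/x-www-form-urlencoded}
     */
    private static boolean isFormEncoded(String contentType) {
        if (contentType == null) {
            return false;
        }
        String mediaType = contentType.split(";", 2)[0].trim();
        return FORM_CONTENT_TYPE.equalsIgnoreCase(mediaType);
    }
}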
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <!-- The login URL and the "unauthorized" URL both point at the site root. -->
    <property name="loginUrl" value="/"/>
    <property name="unauthorizedUrl" value="/"/>
    <!-- Register the custom filter under the name "authc" so that it replaces the default one. -->
    <property name="filters">
        <map>
            <entry key="authc">
                <bean class="zteict.qinhuangdao.framework.common.shiro.shiro.ShiroFormAuthenticationFilter"/>
            </entry>
        </map>
    </property>
    <!--
        Authorization configuration.
        Shiro uses the first pattern that matches a request path, so the catch-all
        "/** = authc" line has to stay last. Every "anon" entry is served without
        authentication; keep those paths limited to content that is safe to expose.
    -->
    <property name="filterChainDefinitions">
        <value>
            <!-- Resources needed before login: static assets and the login endpoint -->
            /components/** = anon
            /css/** = anon
            /images/** = anon
            /lib/** = anon
            /LoginController.js = anon
            /loginController/login.do = anon
            <!-- Everything else requires an authenticated user -->
            /** = authc
        </value>
    </property>
</bean>
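/**
 * Wraps a POST made through $http and handles the "session expired" reply.
 *
 * When the response body carries a truthy `isOver` flag, the browser is sent
 * to the login page instead of invoking the callback. This redirect is only a
 * convenience for the user; access control is enforced on the server.
 * Rejected requests (network errors, non-success statuses) are not handled here.
 *
 * @param {string} url - Path appended to baseUrl.
 * @param {*} data - Request body handed to $http.
 * @param {function} callback - Called with the response body when no `isOver` flag is set.
 */
var commPost = function (url, data, callback) {
    $http({
        method: 'POST',
        url: baseUrl + url,
        data: data
    }).then(function (result) {
        var payload = result.data;
        // Check the body itself first: a null body would otherwise throw when
        // reading `isOver`, and the callback would never run.
        if (payload && payload.isOver) {
            // Session is gone: go to the login page.
            window.location.href = baseUrl + "pages/common/login/login.html";
        } else {
            callback(payload);
        }
    });
};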