Learning Shiro (24): the AuthenticationFilter provided by Shiro

AuthenticationFilter is an abstract class that requires the current user to be logged in. Let's take a look at its isAccessAllowed method:

protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        Subject subject = getSubject(request, response);
        return subject.isAuthenticated(); // Check whether the user is logged in.
}

It has a successUrl attribute, but this is not the address to jump to after a successful login, only a default address. Consider a scenario that comes up often in development: I want to buy something on Taobao and pick 10 items on the product details page, but after I click OK to buy, the site requires me to log in. After logging in, it jumps back to the same details page, and the 10 items are still there. I was curious how this could be achieved in a general way, and the Shiro source code gave me the answer. The implementation is in Shiro's WebUtils. In short: it puts the url, method and queryString of the last visit into the session, and after login it checks whether a value was stored in the session earlier. If one was, it uses the previous url + method + queryString to redirect. The point here is that the successUrl in this class is only a default, backup path; the redirect goes there only when nothing was stored in the session. This is also explained in its javadoc.

What I described above is explained in the org.apache.shiro.web.util.WebUtils.redirectToSavedRequest(ServletRequest, ServletResponse, String) method, which is covered in the WebUtils post on my blog.
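The save-then-redirect flow described above, as a plain-Java model added here for illustration; it is not Shiro's source code. The class, the session key, the URLs and the Map standing in for the HTTP session are all assumptions of this example. Like Shiro's redirectToSavedRequest, the model replays only a saved GET and otherwise falls back to successUrl.

```java
import java.util.HashMap;
import java.util.Map;

public class SavedRequestDemo {
    // Hypothetical session key; the name is an assumption of this example.
    static final String SAVED_KEY = "savedRequest";

    // What gets remembered about the rejected request: method, URI and query string.
    record Saved(String method, String uri, String query) {
        String url() { return query == null ? uri : uri + "?" + query; }
    }

    // Called when an unauthenticated request is rejected: remember where the user was going.
    static void saveRequest(Map<String, Object> session, String method, String uri, String query) {
        session.put(SAVED_KEY, new Saved(method, uri, query));
    }

    // Called after a successful login: choose the redirect target.
    static String redirectTarget(Map<String, Object> session, String successUrl) {
        // Read and clear in one step, so a saved target is used at most once.
        // The target comes from server-side session state, not from a request parameter.
        Saved saved = (Saved) session.remove(SAVED_KEY);
        // A redirect can only replay a GET; any other method falls back to successUrl.
        if (saved != null && "GET".equalsIgnoreCase(saved.method())) {
            return saved.url();
        }
        return successUrl;
    }

    public static void main(String[] args) {
        Map<String, Object> session = new HashMap<>(); // stands in for the HTTP session
        String successUrl = "/index";                  // constructed default path

        // Constructed scenario from the text: a product page with 10 items selected.
        saveRequest(session, "GET", "/item/detail", "id=42&count=10");
        System.out.println(redirectTarget(session, successUrl)); // saved page is restored
        System.out.println(redirectTarget(session, successUrl)); // nothing saved: default

        // A saved POST is not replayed; the default path is used instead.
        saveRequest(session, "POST", "/order/submit", null);
        System.out.println(redirectTarget(session, successUrl));
    }
}
```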

 

Back to this class: it is an abstract class, and it does not implement the onAccessDenied method, so be sure to keep that in mind.

Let's continue with its implementation classes:

·AuthenticatingFilter

·PassThruAuthenticationFilter

Among them, in AuthenticatingFilter and its subclasses, I did not find any scenarios that might be used in practice. I read the source code, but I felt that it was far from actual production use, so I didn't take notes; maybe my level is limited.

 

 

 

 

 
