一、简介
要解决ajax请求和前后端分离 返回数据,问题很简单,比如你没有登录,去请求数据的时候,shiro指定了一个登录界面,会自动重定向那个界面
二、具体代码
关键步骤:添加shrio自定义拦截器
/**
* @program: hopson
* @Date: 2019/10/15 15:43
* @Author: wangmx
* @Description:
*/
public class ShiroLoginFilter extends UserFilter {
@Override
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
JSONObject res = new JSONObject();
res.put("error", "登录已失效,请重新登录!");
res.put("message", "登录已失效,请重新登录!");
res.put("status", 401);
response.getWriter().print(res.toString());
}
}
将拦截器添加到shrio配置类中
/**
* Shiro的配置文件
*
* @author wangmx
*/
@Configuration
public class ShiroConfig {
/**
* 单机环境,session交给shiro管理
*/
@Bean
@ConditionalOnProperty(prefix = "wangmx", name = "cluster", havingValue = "false")
public DefaultWebSessionManager sessionManager(@Value("${wangmx.globalSessionTimeout:3600}") long globalSessionTimeout){
/* DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setSessionIdUrlRewritingEnabled(false);
sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);*/
MySessionManager sessionManager = new MySessionManager();
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setSessionIdUrlRewritingEnabled(false);
sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);
return sessionManager;
}
/**
* 集群环境,session交给spring-session管理
*/
@Bean
@ConditionalOnProperty(prefix = "wangmx", name = "cluster", havingValue = "true")
public ServletContainerSessionManager servletContainerSessionManager() {
return new ServletContainerSessionManager();
}
@Bean("securityManager")
public SecurityManager securityManager(UserRealm userRealm, SessionManager sessionManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(userRealm);
securityManager.setSessionManager(sessionManager);
securityManager.setRememberMeManager(null);
return securityManager;
}
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
shiroFilter.setSecurityManager(securityManager);
//shiroFilter.setLoginUrl("/401");
//shiroFilter.setUnauthorizedUrl("/401");
//这是重点 将拦截器添加到shrio配置类中
Map<String, Filter> filters = shiroFilter.getFilters();
filters.put("authc", new ShiroLoginFilter());
shiroFilter.setFilters(filters);
Map<String, String> filterMap = new LinkedHashMap<>();
filterMap.put("/services/*","anon");
filterMap.put("/swagger/**", "anon");
filterMap.put("/v2/api-docs", "anon");
filterMap.put("/swagger-ui.html", "anon");
filterMap.put("/webjars/**", "anon");
filterMap.put("/swagger-resources/**", "anon");
filterMap.put("/doc.html","anon");
filterMap.put("/druid/**","anon");
filterMap.put("/statics/**", "anon");
filterMap.put("/login.html", "anon");
filterMap.put("/sys/login", "anon");
filterMap.put("/favicon.ico", "anon");
filterMap.put("/captcha.jpg", "anon");
filterMap.put("/**", "authc");
shiroFilter.setFilterChainDefinitionMap(filterMap);
return shiroFilter;
}
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
}
主要代码
Map<String, Filter> filters = shiroFilter.getFilters();
filters.put("authc", new ShiroLoginFilter());
shiroFilter.setFilters(filters);