- <property name="filterChainDefinitions">
- <value>
- /login/** = anon
- </value>
- </property>
下马是java代码中要增加:
- @RequestMapping(value = "/login")
- @ResponseBody
- public Object ajaxLogin(@RequestParam String username,
- @RequestParam String password, @RequestParam boolean rememberMe) {
- String ret="";
- Subject currentUser = SecurityUtils.getSubject();
- if (!currentUser.isAuthenticated()) {
- UsernamePasswordToken token = new UsernamePasswordToken(username,
- password);
- token.setRememberMe(rememberMe);
- try {
- currentUser.login(token);
- ret = "{success:true,message:'登陆成功'}";
- } catch (UnknownAccountException ex) {
- ret = "{success:false,message:'账号错误'}";
- logger.debug(ret);
- } catch (IncorrectCredentialsException ex) {
- ret = "{success:false,message:'密码错误'}";
- logger.debug(ret);
- } catch (LockedAccountException ex) {
- ret = "{success:false,message:'账号已被锁定,请与管理员联系'}";
- logger.debug(ret);
- } catch (AuthenticationException ex) {
- ret = "{success:false,message:'您没有授权'}";
- logger.debug(ret);
- }
- }
- // 返回json数据
- return ret;
- }
如果是html通过ajax请求,还需要加上跨域支持:
- <filter>
- <filter-name>accessFilter</filter-name>
- <filter-class>com.hotice.shequ.filter.AccessFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>accessFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- @Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain chain) throws IOException, ServletException {
- HttpServletResponse response = (HttpServletResponse) servletResponse;
- response.setHeader("Access-Control-Allow-Origin","*");
- response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
- chain.doFilter(servletRequest, servletResponse);
- }