ShiroLoginFilter
import com.alibaba.fastjson.JSONObject;
import com.xxxxxx.oa.common.utils.R;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.http.HttpStatus;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class ShiroLoginFilter extends FormAuthenticationFilter {
/**
* 在访问controller前判断是否登录,返回json,不进行重定向。
* @param request
* @param response
* @return true-继续往下执行,false-该filter过滤器已经处理,不继续执行其他过滤器
* @throws Exception
*/
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
System.out.println("ShiroLoginFilter");
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setCharacterEncoding("UTF-8");
httpServletResponse.setContentType("application/json");
R r = R.error(-1,"登录认证失效,请重新登录!");
httpServletResponse.getWriter().write(JSONObject.toJSON(r).toString());
return false;
}
}
ShiroConfig内增加:
@Bean
public ShiroLoginFilter shiroLoginFilter(){
return new ShiroLoginFilter();
}
把 // shiroFilterFactoryBean.setLoginUrl("http://localhost:8080/"); 这行注释掉。