本文介绍Spring框架中使用Shiro进行用户登出(logout)的两种配置方法:一是通过自定义Action实现;二是利用Shiro提供的LogoutFilter。文章详细展示了如何配置ShiroFilterFactoryBean,并给出了具体的代码示例。
spring中 shiro logout 配置方式有两种方式实现logout
1. 普通的action中 实现自己的logout方法,取到Subject,然后logout
@RequestMapping(value = "${adminPath}/logout", method = RequestMethod.GET)
public String logout(HttpServletRequest request, HttpServletResponse response, Model model) throws IOException {
Principal principal = UserUtils.getPrincipal();
// 如果已经登录,则跳转到管理首页
if(principal != null){
UserUtils.getSubject().logout();
}
return "redirect:" + adminPath+"/login";
}
这种需要在ShiroFilterFactoryBean 中配置 filterChainDefinitions
对应的action的url为anon
<bean name="shiroFilterChainDefinitions" class="java.lang.String">
<constructor-arg>
<value>
/static/** = anon
/userfiles/** = anon
${adminPath}/cas = cas
${adminPath}/login = authc
${adminPath}/logout = anno
${adminPath}/** = user
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
</value>
</constructor-arg>
</bean>
2. 使用shiro提供的logout filter 需要定义 相应的bean
<<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" /><!--
<property name="loginUrl" value="${cas.server.url}?service=${cas.project.url}${adminPath}/cas" /> -->
<property name="loginUrl" value="${adminPath}/login" />
<property name="successUrl" value="${adminPath}?login" />
<property name="filters">
<map>
<entry key="cas" value-ref="casFilter"/>
<entry key="authc" value-ref="formAuthenticationFilter"/>
<entry key="logout" value-ref="logoutFilter" />
</map>
</property>
<property name="filterChainDefinitions">
<ref bean="shiroFilterChainDefinitions"/>
</property>
</bean>对应在 shiroFilterChainDefinitions中将对应的url改为logout
<bean name="shiroFilterChainDefinitions" class="java.lang.String">
<constructor-arg>
<value>
/static/** = anon
/userfiles/** = anon
${adminPath}/cas = cas
${adminPath}/login = authc
${adminPath}/logout = logout
${adminPath}/** = user
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
</value>
</constructor-arg>
</bean><bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter"> <property name="redirectUrl" value="${adminPath}/login" /> </bean>
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
