public class BaseFormAuthenticationFilter extends FormAuthenticationFilter {
private static final Logger log = LoggerFactory.getLogger(BaseFormAuthenticationFilter.class);
@Override
protected boolean isAccessAllowed(ServletRequest request,
ServletResponse response, Object mappedValue) {
try {
// 先判断是否是登录操作
if (isLoginSubmission(request, response)) {
if (log.isTraceEnabled()) {
log.trace("Login submission detected. Attempting to execute login.");
}
return false;
}
} catch (Exception e) {
log.error(Exceptions.getStackTraceAsString(e));
}
return super.isAccessAllowed(request, response, mappedValue);
}
}
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/logon" />
<property name="successUrl" value="/" />
<property name="filters">
<map>
<entry key="authc" value-ref="authc"/>
</map>
</property>
<property name="filterChainDefinitions">
<value>
/logon = authc
</value>
</property>
</bean>