原文来自:http://blog.csdn.net/ght521/article/details/52355663
1. 普通的action中 实现自己的logout方法,取到Subject,然后logout
- @RequestMapping(value = "${adminPath}/logout", method = RequestMethod.GET)
- public String logout(HttpServletRequest request, HttpServletResponse response, Model model) throws IOException {
- Principal principal = UserUtils.getPrincipal();
-
- if(principal != null){
- UserUtils.getSubject().logout();
- }
- return "redirect:" + adminPath+"/login";
- }
这种需要在ShiroFilterFactoryBean 中配置 filterChainDefinitions
对应的action的url为anon
- <bean name="shiroFilterChainDefinitions" class="java.lang.String">
- <constructor-arg>
- <value>
- /static/** = anon
- /userfiles/** = anon
- ${adminPath}/cas = cas
- ${adminPath}/login = authc
- ${adminPath}/logout = anno
- ${adminPath}/** = user
- /act/rest/service/editor/** = perms[act:model:edit]
- /act/rest/service/model/** = perms[act:model:edit]
- /act/rest/service/** = user
- /ReportServer/** = user
- </value>
- </constructor-arg>
- </bean>
2. 使用shiro提供的logout filter 需要定义 相应的bean
- <<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
- <property name="securityManager" ref="securityManager" />
-
- <property name="loginUrl" value="${adminPath}/login" />
- <property name="successUrl" value="${adminPath}?login" />
- <property name="filters">
- <map>
- <entry key="cas" value-ref="casFilter"/>
- <entry key="authc" value-ref="formAuthenticationFilter"/>
- <entry key="logout" value-ref="logoutFilter" />
- </map>
- </property>
- <property name="filterChainDefinitions">
- <ref bean="shiroFilterChainDefinitions"/>
- </property>
- </bean>
对应在 shiroFilterChainDefinitions中将对应的url改为logout
- <bean name="shiroFilterChainDefinitions" class="java.lang.String">
- <constructor-arg>
- <value>
- /static/** = anon
- /userfiles/** = anon
- ${adminPath}/cas = cas
- ${adminPath}/login = authc
- ${adminPath}/logout = logout
- ${adminPath}/** = user
- /act/rest/service/editor/** = perms[act:model:edit]
- /act/rest/service/model/** = perms[act:model:edit]
- /act/rest/service/** = user
- /ReportServer/** = user
- </value>
- </constructor-arg>
- lt;/bean>
并配置loginFilterbean
- <bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter">
- <property name="redirectUrl" value="${adminPath}/login" />
- </bean>