AccessControlFilter
-
访问控制过滤器,继承PathMatchingFilter过滤器,重写onPreHandle方法.
-
isAccessAllowed 是否允许访问
-
onAccessDenied 是否拒绝访问
我们通过重写上边两个方法来控制过滤逻辑,实现当前的需求,用户不登录点赞提示请登录
- 定义一个LoginAuthFilter继承AccessControlFilter
- 前端js渲染脚本
// 前端弹窗的js代码
private static final String JS =
"<script type='text/javascript'>var wp=window.parent; if(wp!=null){while(wp.parent&&wp.parent!==wp){wp=wp.parent;}wp.location.href='%1$s';}else{window.location.href='%1$s';}</script>";
private String loginUrl = "/login";
- 重写isAccessAllowed方法判断用户是否登录
@Override
protected boolean isAccessAllowed(
ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
Subject subject = SecurityUtils.getSubject();
if (null != subject) {
if (subject.isRemembered()) {
return true;
}
if (subject.isAuthenticated()) {
return true;
}
}
return false;
}
- 重写onAccessDenied方法,ajax请求返回错误code,提示‘请登录’否则跳转到登录页
查看完整代码移步