最近在学习shiro时遇到一个问题,在ajax请求时,若是session失效时,没法正确的跳转登陆页面。在以前的项目中处理的方法是经过自定义一个过滤器来处理,session失效时返回错误码来处理。但由于使用shiro后,会先执行shiro定义的过滤器,才会执行自定义的过滤器,因此以前的方法行不通,参考了不少大大的博客,把个人处理方法贴上。javascript
1.自定义拦截器LoginFormFilter拦截器,继承FormAuthenticationFilter类,在须要登陆而未登陆的请求都会执行onAccessDenied请求。css
package com.xxfy.demo.filter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.xxfy.demo.util.HttpUtils;
public class LoginFormFilter extends FormAuthenticationFilter {
private static final Logger log = LoggerFactory.getLogger(LoginFormFilter.class);
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
if (isLoginRequest(request, response)) {
if (isLoginSubmission(request, response)) {
if (log.isTraceEnabled()) {
log.trace("Login submission detected. Attempting to execute login.");
}
return executeLogi