shiro框架实现单点登录

版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/zclcqlove/article/details/79961441
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;


public class MyShiroRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(MyShiroRealm.class);

    @Autowired
    private SessionDAO sessionDAO;

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(
            AuthenticationToken authcToken) throws AuthenticationException {

        UsernamePasswordCaptchaToken token = (UsernamePasswordCaptchaToken) authcToken;

        String loginName = token.getUsername();

        // 踢出已登录的用户
        Collection<Session> sessions = sessionDAO.getActiveSessions();
        for (Session session : sessions) {
            if (loginName.equals(String.valueOf(session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY)))) {
                session.setTimeout(0);// 设置session立即失效,即将其踢出系统
                break;
            }
        }
        ...
 }
阅读更多
想对作者说点什么?

博主推荐

换一批

没有更多推荐了,返回首页