import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;
public class MyShiroRealm extends AuthorizingRealm {
private static final Logger logger = LoggerFactory.getLogger(MyShiroRealm.class);
@Autowired
private SessionDAO sessionDAO;
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
UsernamePasswordCaptchaToken token = (UsernamePasswordCaptchaToken) authcToken;
String loginName = token.getUsername();
// 踢出已登录的用户
Collection<Session> sessions = sessionDAO.getActiveSessions();
for (Session session : sessions) {
if (loginName.equals(String.valueOf(session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY)))) {
session.setTimeout(0);// 设置session立即失效,即将其踢出系统
break;
}
}
...
}
shiro框架实现单点登录
最新推荐文章于 2024-08-19 17:16:42 发布