weixin_33712881 2015-05-20 08:37 采纳率: 0%
浏览 92

没有重定向的Shiro过滤器

I have a REST-Interface that gets called from the Front-End code via jquery-Ajax-Requests. The called url is secured with the following shiro.ini:

/api/** = authc

If the user is not authenticated Shiro wants to redirect to the login-Url and the ajax-Request can't handle that. I'd prefer a HTML status code as answer. What's the best way to achieve this? Thanks for any answers!

  • 写回答

2条回答 默认 最新

  • weixin_33736048 2015-05-20 09:00
    关注

    You need to implement a custom shiro filter. Something like this:

            import javax.servlet.ServletRequest;
            import javax.servlet.ServletResponse;
    
            import java.io.IOException ;
            import javax.servlet.http.HttpServletResponse ;
    
            import org.apache.shiro.web.filter.authz.AuthorizationFilter ;
            import org.apache.shiro.web.util.WebUtils ;
    
            public class LocalhostFilter extends AuthorizationFilter {
    
                private static final String message = "Access denied.";
    
                @Override
                protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
                    //do something when access allowed
                    return true;       
     }
    
                @Override
                protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
                    HttpServletResponse httpResponse ;
                    try { httpResponse = WebUtils.toHttp(response); }
                    catch (ClassCastException ex) { 
                        // Not a HTTP Servlet operation
                        return super.onAccessDenied(request, response) ;
                    }
                    if ( message == null )
                        httpResponse.sendError(403) ;
                    else
                        httpResponse.sendError(403, message) ;
                    return false ;  // No further processing.
                }
            }
    
    评论

报告相同问题?

悬赏问题

  • ¥15 链接问题 C++LNK2001 无法解析的外部符号
  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能
  • ¥15 jmeter脚本回放有的是对的有的是错的
  • ¥15 r语言蛋白组学相关问题
  • ¥15 Python时间序列如何拟合疏系数模型
  • ¥15 求学软件的前人们指明方向🥺
  • ¥50 如何增强飞上天的树莓派的热点信号强度,以使得笔记本可以在地面实现远程桌面连接