q975583865
一点寒芒先至
采纳率100%
2017-12-07 04:43 阅读 3.1k
已采纳

app的token免登+shiro

5

大家好,问一下,app一个带token的非登录请求,shiro会判断为未登录property name="loginUrl" value="/login" /> 重定向到登录jsp,如何做到免登录不跳转到jsp且正常访问接口

我继承了FormAuthenticationFilter,重写了issueSuccessRedirect,吧第一次的请求存到了缓存,但是第二次非登录请求不能做到免登正常访问,还给重定向了。。。

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

3条回答 默认 最新

  • 已采纳
    qq_25996219 User_undefined 2017-12-07 08:02

    如果是只访问接口的话可以设置url不走shiro过滤器达到不跳进登录页

    点赞 评论 复制链接分享
  • qq_25996219 User_undefined 2017-12-07 08:33
        <!-- Shiro权限过滤过滤器定义 -->
        <bean name="shiroFilterChainDefinitions" class="java.lang.String">
            <constructor-arg>
                <value>             
                    /registration/smsRegistration/** = anon
                    /static/** = anon
                    /userfiles/** = anon
                    /updatep/** = anon
                    ${commonPath}/** = user
                    ${adminPath}/phone/** = anon
                    ${adminPath}/cas = cas
                    ${adminPath}/login = authc
                    ${adminPath}/logout = anon
                    ${adminPath}/** = user
                    /act/rest/service/editor/** = perms[act:model:edit]
                    /act/rest/service/model/** = perms[act:model:edit]
                    /act/rest/service/** = user
                    /ReportServer/** = user
                </value>
            </constructor-arg>
        </bean>
        <!-- 安全认证过滤器 -->
        <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
            <property name="securityManager" ref="securityManager" /> 
            <property name="loginUrl" value="${adminPath}/login" />
            <property name="successUrl" value="${adminPath}?login" />
            <property name="filters">
                <map>
                    <entry key="cas" value-ref="casFilter"/>
                    <entry key="authc" value-ref="formAuthenticationFilter"/>
                </map>
            </property>
            <property name="filterChainDefinitions">
                <ref bean="shiroFilterChainDefinitions"/>
            </property>
        </bean>
    
    
    点赞 评论 复制链接分享
  • qq_25996219 User_undefined 2017-12-07 08:40

    /static/** = anon,配置为不过滤
    ${commonPath}/** = user,配置为登录后的才可以访问
    ${adminPath}/login = authc,这个是自定义的权限

    点赞 评论 复制链接分享

相关推荐