pom优化,继承spring-boot-starter-parent;bat优化
This commit is contained in:
thinkgem
@@ -1,71 +1,72 @@
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.session.SessionException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.jeesite.common.config.Global;
|
||||
import com.jeesite.common.web.http.ServletUtils;
|
||||
import com.jeesite.modules.sys.utils.LogUtils;
|
||||
|
||||
/**
|
||||
* 登出过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class LogoutFilter extends org.apache.shiro.web.filter.authc.LogoutFilter {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(LogoutFilter.class);
|
||||
|
||||
@Override
|
||||
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
|
||||
try{
|
||||
Subject subject = getSubject(request, response);
|
||||
String redirectUrl = getRedirectUrl(request, response, subject);
|
||||
//try/catch added for SHIRO-298:
|
||||
try {
|
||||
// 记录用户退出日志
|
||||
LogUtils.saveLog(ServletUtils.getRequest(), "系统退出");
|
||||
// 退出登录
|
||||
subject.logout();
|
||||
} catch (SessionException ise) {
|
||||
log.debug("Encountered session exception during logout. This can generally safely be ignored.", ise);
|
||||
}
|
||||
|
||||
// 如果是Ajax请求,返回Json字符串。
|
||||
if (ServletUtils.isAjaxRequest((HttpServletRequest)request)){
|
||||
ServletUtils.renderResult((HttpServletResponse)response, Global.TRUE, "退出成功!");
|
||||
return false;
|
||||
}
|
||||
|
||||
issueRedirect(request, response, redirectUrl);
|
||||
}catch(Exception e){
|
||||
log.debug("Encountered session exception during logout. This can generally safely be ignored.", e);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 登出跳转URL
|
||||
*/
|
||||
@Override
|
||||
protected String getRedirectUrl(ServletRequest request, ServletResponse response, Subject subject) {
|
||||
String url = Global.getProperty("shiro.logoutUrl");
|
||||
// 如果配置了登出之后跳转的url,并且url不能为 ${adminPath}/logout 否则会造成死循环。
|
||||
if (StringUtils.isNoneBlank(url) && !url.equals((Global.getAdminPath()+"/logout"))){
|
||||
return url;
|
||||
}
|
||||
return super.getRedirectUrl(request, response, subject);
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.shiro.session.SessionException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.jeesite.common.config.Global;
|
||||
import com.jeesite.common.web.http.ServletUtils;
|
||||
import com.jeesite.modules.sys.utils.LogUtils;
|
||||
|
||||
/**
|
||||
* 登出过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class LogoutFilter extends org.apache.shiro.web.filter.authc.LogoutFilter {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(LogoutFilter.class);
|
||||
|
||||
@Override
|
||||
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
|
||||
return super.preHandle(request, response);
|
||||
// try{
|
||||
// Subject subject = getSubject(request, response);
|
||||
// String redirectUrl = getRedirectUrl(request, response, subject);
|
||||
// //try/catch added for SHIRO-298:
|
||||
// try {
|
||||
// // 记录用户退出日志
|
||||
// LogUtils.saveLog(ServletUtils.getRequest(), "系统退出");
|
||||
// // 退出登录
|
||||
// subject.logout();
|
||||
// } catch (SessionException ise) {
|
||||
// log.debug("Encountered session exception during logout. This can generally safely be ignored.", ise);
|
||||
// }
|
||||
//
|
||||
// // 如果是Ajax请求,返回Json字符串。
|
||||
// if (ServletUtils.isAjaxRequest((HttpServletRequest)request)){
|
||||
// ServletUtils.renderResult((HttpServletResponse)response, Global.TRUE, "退出成功!");
|
||||
// return false;
|
||||
// }
|
||||
//
|
||||
// issueRedirect(request, response, redirectUrl);
|
||||
// }catch(Exception e){
|
||||
// log.debug("Encountered session exception during logout. This can generally safely be ignored.", e);
|
||||
// }
|
||||
// return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 登出跳转URL
|
||||
*/
|
||||
@Override
|
||||
protected String getRedirectUrl(ServletRequest request, ServletResponse response, Subject subject) {
|
||||
return super.getRedirectUrl(request, response, subject);
|
||||
// String url = Global.getProperty("shiro.logoutUrl");
|
||||
// // 如果配置了登出之后跳转的url,并且url不能为 ${adminPath}/logout 否则会造成死循环。
|
||||
// if (StringUtils.isNoneBlank(url) && !url.equals((Global.getAdminPath()+"/logout"))){
|
||||
// return url;
|
||||
// }
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,81 +1,81 @@
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authz.UnauthorizedException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.apache.shiro.web.util.WebUtils;
|
||||
|
||||
import com.jeesite.common.config.Global;
|
||||
import com.jeesite.common.web.http.ServletUtils;
|
||||
import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper;
|
||||
|
||||
/**
|
||||
* 权限字符串过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class PermissionsAuthorizationFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter {
|
||||
|
||||
@Override
|
||||
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
|
||||
PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
|
||||
return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 无访问权限时,跳转到403页面
|
||||
* @param request
|
||||
* @param response
|
||||
* @return
|
||||
* @throws IOException
|
||||
* @author ThinkGem
|
||||
*/
|
||||
public static boolean redirectTo403Page(ServletRequest request, ServletResponse response) throws IOException {
|
||||
Subject subject = SecurityUtils.getSubject();
|
||||
// If the subject isn't identified, redirect to login URL
|
||||
if (subject.getPrincipal() == null) {
|
||||
redirectToDefaultPath(request, response);
|
||||
} else {
|
||||
try {
|
||||
// 如果访问的是未授权页面,则直接转到403页面(2016-11-3)
|
||||
request.getRequestDispatcher("/error/403").forward(request, response);
|
||||
} catch (ServletException e) {
|
||||
throw new UnauthorizedException(e);
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 跳转登录页时,跳转到默认首页
|
||||
*/
|
||||
public static void redirectToDefaultPath(ServletRequest request, ServletResponse response) throws IOException {
|
||||
// AJAX不支持Redirect改用Forward
|
||||
String loginUrl = Global.getProperty("defaultPath");
|
||||
if (ServletUtils.isAjaxRequest((HttpServletRequest) request)) {
|
||||
try {
|
||||
request.getRequestDispatcher(loginUrl).forward(
|
||||
new GetHttpServletRequestWrapper(request), response);
|
||||
} catch (ServletException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}else{
|
||||
WebUtils.issueRedirect(request, response, loginUrl);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authz.UnauthorizedException;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.apache.shiro.web.util.WebUtils;
|
||||
|
||||
import com.jeesite.common.config.Global;
|
||||
import com.jeesite.common.web.http.ServletUtils;
|
||||
import com.jeesite.common.web.http.wrapper.GetHttpServletRequestWrapper;
|
||||
|
||||
/**
|
||||
* 权限字符串过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class PermissionsAuthorizationFilter extends org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter {
|
||||
|
||||
@Override
|
||||
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
|
||||
PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
|
||||
return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 无访问权限时,跳转到403页面
|
||||
* @param request
|
||||
* @param response
|
||||
* @return
|
||||
* @throws IOException
|
||||
* @author ThinkGem
|
||||
*/
|
||||
public static boolean redirectTo403Page(ServletRequest request, ServletResponse response) throws IOException {
|
||||
Subject subject = SecurityUtils.getSubject();
|
||||
// If the subject isn't identified, redirect to login URL
|
||||
if (subject.getPrincipal() == null) {
|
||||
redirectToDefaultPath(request, response);
|
||||
} else {
|
||||
try {
|
||||
// 如果访问的是未授权页面,则直接转到403页面(2016-11-3)
|
||||
request.getRequestDispatcher("/error/403").forward(request, response);
|
||||
} catch (ServletException e) {
|
||||
throw new UnauthorizedException(e);
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 跳转登录页时,跳转到默认首页
|
||||
*/
|
||||
public static void redirectToDefaultPath(ServletRequest request, ServletResponse response) throws IOException {
|
||||
// AJAX不支持Redirect改用Forward
|
||||
String loginUrl = Global.getProperty("defaultPath");
|
||||
if (ServletUtils.isAjaxRequest((HttpServletRequest) request)) {
|
||||
try {
|
||||
request.getRequestDispatcher(loginUrl).forward(
|
||||
new GetHttpServletRequestWrapper(request), response);
|
||||
} catch (ServletException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}else{
|
||||
WebUtils.issueRedirect(request, response, loginUrl);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,28 +1,30 @@
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
||||
/**
|
||||
* 角色权限过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class RolesAuthorizationFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter {
|
||||
|
||||
@Override
|
||||
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
|
||||
PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
|
||||
return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
|
||||
}
|
||||
|
||||
}
|
||||
/**
|
||||
* Copyright (c) 2013-Now http://jeesite.com All rights reserved.
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
|
||||
/**
|
||||
* 角色权限过滤器
|
||||
* @author ThinkGem
|
||||
* @version 2017-03-22
|
||||
*/
|
||||
public class RolesAuthorizationFilter extends org.apache.shiro.web.filter.authz.RolesAuthorizationFilter {
|
||||
|
||||
@Override
|
||||
protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
|
||||
super.redirectToLogin(request, response);
|
||||
// PermissionsAuthorizationFilter.redirectToDefaultPath(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
|
||||
return super.onAccessDenied(request, response);
|
||||
// return PermissionsAuthorizationFilter.redirectTo403Page(request, response);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -49,7 +49,6 @@ import com.jeesite.modules.sys.service.UserService;
|
||||
* @author ThinkGem
|
||||
* @version 2017-10-22
|
||||
*/
|
||||
//@Commit
|
||||
public class InitCoreData extends BaseInitDataTests {
|
||||
|
||||
@Override
|
||||
|
||||
@@ -48,12 +48,12 @@ public class LoginController extends BaseController{
|
||||
*/
|
||||
@RequestMapping(value = "login", method = RequestMethod.GET)
|
||||
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
|
||||
// // 地址中如果包含JSESSIONID,则跳转一次,去掉JSESSIONID信息。
|
||||
// if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
|
||||
// String queryString = request.getQueryString();
|
||||
// queryString = queryString == null ? "" : "?" + queryString;
|
||||
// return REDIRECT + adminPath + "/login" + queryString;
|
||||
// }
|
||||
// 地址中如果包含JSESSIONID,则跳转一次,去掉JSESSIONID信息。
|
||||
if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
|
||||
String queryString = request.getQueryString();
|
||||
queryString = queryString == null ? "" : "?" + queryString;
|
||||
return REDIRECT + adminPath + "/login" + queryString;
|
||||
}
|
||||
|
||||
LoginInfo loginInfo = UserUtils.getLoginInfo();
|
||||
|
||||
@@ -196,12 +196,12 @@ public class LoginController extends BaseController{
|
||||
*/
|
||||
@RequestMapping(value = "index")
|
||||
public String index(HttpServletRequest request, HttpServletResponse response, Model model) {
|
||||
// // 地址中如果包含JSESSIONID,则跳转一次,去掉JSESSIONID信息。
|
||||
// if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
|
||||
// String queryString = request.getQueryString();
|
||||
// queryString = queryString == null ? "" : "?" + queryString;
|
||||
// return REDIRECT + adminPath + "/index" + queryString;
|
||||
// }
|
||||
// 地址中如果包含JSESSIONID,则跳转一次,去掉JSESSIONID信息。
|
||||
if (StringUtils.containsIgnoreCase(request.getRequestURI(), ";JSESSIONID=")){
|
||||
String queryString = request.getQueryString();
|
||||
queryString = queryString == null ? "" : "?" + queryString;
|
||||
return REDIRECT + adminPath + "/index" + queryString;
|
||||
}
|
||||
|
||||
// 验证下用户权限,以便调用doGetAuthorizationInfo方法,保存单点登录登出句柄
|
||||
if (!SecurityUtils.getSubject().isPermitted("user")){
|
||||
|
||||
Reference in New Issue
Block a user