From 37259267a24b159429bb0eac100cdb37718118f9 Mon Sep 17 00:00:00 2001 From: thinkgem Date: Sat, 20 Feb 2021 11:35:00 +0800 Subject: [PATCH] =?UTF-8?q?=E5=BD=93=E5=90=AF=E7=94=A8=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E5=90=8E=E7=94=9F=E6=88=90=E6=96=B0=E7=9A=84sid=E6=97=B6?= =?UTF-8?q?=EF=BC=8C=E9=AA=8C=E8=AF=81=E7=A0=81=E5=A4=B1=E6=95=88=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../shiro/filter/FormAuthenticationFilter.java | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java index 7b45d18e..a293ee9e 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java @@ -40,6 +40,7 @@ import com.jeesite.modules.sys.entity.Log; import com.jeesite.modules.sys.entity.User; import com.jeesite.modules.sys.utils.LogUtils; import com.jeesite.modules.sys.utils.UserUtils; +import com.jeesite.modules.sys.utils.ValidCodeUtils; /** * 表单验证(包含验证码)过滤类 @@ -243,7 +244,21 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc. protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { // 是否在登录后生成新的Session(默认false) if (Global.getPropertyToBoolean("shiro.isGenerateNewSessionAfterLogin", "false")){ + String[] keys = new String[] {ValidCodeUtils.VALID_CODE}; + Map map = MapUtils.newHashMap(); + final Session sessionOld = UserUtils.getSession(); + for (String key : keys) { + Object value = sessionOld.getAttribute(key); + if (value != null) { + map.put(key, value); + } + } UserUtils.getSubject().logout(); + // 恢复生成新的Session之前的Session数据 + final Session sessionNew = UserUtils.getSession(); + map.forEach((key, value) -> { + sessionNew.setAttribute(key, value); + }); } return super.executeLogin(request, response); }