From 45a09933b0956e01c8fb43dbaa869d196ad083e1 Mon Sep 17 00:00:00 2001 From: thinkgem Date: Wed, 8 Aug 2018 21:40:24 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=8F=82=E6=95=B0=EF=BC=9A?= =?UTF-8?q?=E6=98=AF=E5=90=A6=E5=9C=A8=E7=99=BB=E5=BD=95=E5=90=8E=E7=94=9F?= =?UTF-8?q?=E6=88=90=E6=96=B0=E7=9A=84Session=EF=BC=88=E9=BB=98=E8=AE=A4fa?= =?UTF-8?q?lse=EF=BC=89=E8=AF=A6=E8=A7=81=20jeesite.yml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../shiro/filter/FormAuthenticationFilter.java | 16 ++++++++++++++++ .../src/main/resources/config/jeesite-core.yml | 5 ++++- web/src/main/resources/config/jeesite.yml | 5 ++++- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java index 5da00345..0ef844c3 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/FormAuthenticationFilter.java @@ -31,6 +31,7 @@ import com.jeesite.common.shiro.authc.FormToken; import com.jeesite.common.shiro.realm.BaseAuthorizingRealm; import com.jeesite.common.shiro.realm.LoginInfo; import com.jeesite.common.web.http.ServletUtils; +import com.jeesite.modules.sys.utils.UserUtils; /** * 表单验证(包含验证码)过滤类 @@ -157,6 +158,9 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc. return captcha; } + /** + * 跳转登录页时,跳转到默认首页 + */ @Override protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException { PermissionsAuthorizationFilter.redirectToDefaultPath(request, response); @@ -208,6 +212,18 @@ public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc. boolean isLogin = WebUtils.isTrue(request, "__login"); return super.isLoginSubmission(request, response) || isLogin; } + + /** + * 执行登录方法 + */ + @Override + protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { + // 是否在登录后生成新的Session(默认false) + if (Global.getPropertyToBoolean("shiro.isGenerateNewSessionAfterLogin", "false")){ + UserUtils.getSubject().logout(); + } + return super.executeLogin(request, response); + } /** * 登录成功调用事件 diff --git a/modules/core/src/main/resources/config/jeesite-core.yml b/modules/core/src/main/resources/config/jeesite-core.yml index 1da810ae..1df565b9 100644 --- a/modules/core/src/main/resources/config/jeesite-core.yml +++ b/modules/core/src/main/resources/config/jeesite-core.yml @@ -237,7 +237,7 @@ shiro: # 是否加密单点登录安全Key encryptKey: true - # 登录提交信息加密 + # 登录提交信息加密(如果不需要加密,设置为空即可) loginSubmit: # 登录提交信息安全Key,加密用户名、密码、验证码,后再提交(key设置为3个,用逗号分隔) @@ -259,6 +259,9 @@ shiro: # accessControlAllowOrigin: http://demo.jeesite.net # accessControlAllowOrigin: '*' + # 是否在登录后生成新的Session(默认false) + isGenerateNewSessionAfterLogin: false + # URI 权限过滤器定义 filterChainDefinitions: | /ReportServer/** = user diff --git a/web/src/main/resources/config/jeesite.yml b/web/src/main/resources/config/jeesite.yml index ef496f32..16f9a4ff 100644 --- a/web/src/main/resources/config/jeesite.yml +++ b/web/src/main/resources/config/jeesite.yml @@ -260,7 +260,7 @@ jdbc: # # 是否加密单点登录安全Key # encryptKey: true # -# # 登录提交信息加密 +# # 登录提交信息加密(如果不需要加密,设置为空即可) # loginSubmit: # # # 登录提交信息安全Key,加密用户名、密码、验证码,后再提交(key设置为3个,用逗号分隔) @@ -281,6 +281,9 @@ jdbc: # # 是否允许跨域访问,如果允许,设置允许的域名,全部域名设置*号,如果不允许,此设置应该为空 ## accessControlAllowOrigin: http://demo.jeesite.com ## accessControlAllowOrigin: '*' +# +# # 是否在登录后生成新的Session(默认false) +# isGenerateNewSessionAfterLogin: false # # # URI 权限过滤器定义 # filterChainDefinitions: |