返回响应头增加x-token,通过记住我登录系统时使用。

modules/core/src/main/java/com/jeesite/common/shiro/filter/UserFilter.java

@@ -4,8 +4,12 @@
  */
 package com.jeesite.common.shiro.filter;
 
+import com.jeesite.common.config.Global;
+import com.jeesite.common.lang.StringUtils;
+
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 /**
@@ -14,7 +18,22 @@ import java.io.IOException;
  * @version 2017-03-22
  */
 public class UserFilter extends org.apache.shiro.web.filter.authc.UserFilter {
-	
+
+    private String sessionIdHeaderName;
+
+	public UserFilter () {
+        this.setSessionIdHeaderName(Global.getProperty("session.sessionIdHeaderName", "x-token"));
+	}
+
+	@Override
+	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+		String sessionId = (String)request.getAttribute(getSessionIdHeaderName());
+		if (StringUtils.isNotBlank(sessionId)) {
+			((HttpServletResponse)response).setHeader(getSessionIdHeaderName(), sessionId);
+		}
+		return super.isAccessAllowed(request, response, mappedValue);
+	}
+
 	@Override
 	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
         return PermissionsFilter.redirectTo403Page(request, response);
@@ -24,5 +43,12 @@ public class UserFilter extends org.apache.shiro.web.filter.authc.UserFilter {
 	protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException {
 		PermissionsFilter.redirectToDefaultPath(request, response);
 	}
-	
+
+	public String getSessionIdHeaderName() {
+		return sessionIdHeaderName;
+	}
+
+	public void setSessionIdHeaderName(String sessionIdHeaderName) {
+		this.sessionIdHeaderName = sessionIdHeaderName;
+	}
 }