修正CAS中央认证服务退出后,没有退出客户端的问题
This commit is contained in:
thinkgem
@@ -4,19 +4,19 @@
|
||||
*/
|
||||
package com.jeesite.common.shiro.filter;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.jeesite.common.lang.ExceptionUtils;
|
||||
import com.jeesite.common.lang.StringUtils;
|
||||
import com.jeesite.common.shiro.realm.BaseAuthorizingRealm;
|
||||
import com.jeesite.modules.sys.utils.UserUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.apache.shiro.web.util.WebUtils;
|
||||
|
||||
import com.jeesite.common.lang.ExceptionUtils;
|
||||
import com.jeesite.common.lang.StringUtils;
|
||||
import com.jeesite.common.shiro.realm.BaseAuthorizingRealm;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
/**
|
||||
* CAS过滤器
|
||||
@@ -25,12 +25,15 @@ import com.jeesite.common.shiro.realm.BaseAuthorizingRealm;
|
||||
*/
|
||||
@SuppressWarnings("deprecation")
|
||||
public class CasFilter extends org.apache.shiro.cas.CasFilter {
|
||||
|
||||
private BaseAuthorizingRealm authorizingRealm;
|
||||
|
||||
/**
|
||||
* 登录成功调用事件
|
||||
*/
|
||||
@Override
|
||||
protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
|
||||
authorizingRealm.onLoginSuccess(UserUtils.getLoginInfo(), (HttpServletRequest)request);
|
||||
return FormFilter.onLoginSuccess((HttpServletRequest)request, (HttpServletResponse)response);
|
||||
}
|
||||
|
||||
@@ -66,7 +69,7 @@ public class CasFilter extends org.apache.shiro.cas.CasFilter {
|
||||
}
|
||||
|
||||
public void setAuthorizingRealm(BaseAuthorizingRealm authorizingRealm) {
|
||||
|
||||
this.authorizingRealm = authorizingRealm;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -4,22 +4,6 @@
|
||||
*/
|
||||
package com.jeesite.common.shiro.realm;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.validation.ValidationException;
|
||||
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.cas.CasToken;
|
||||
import org.jasig.cas.client.authentication.AttributePrincipal;
|
||||
import org.jasig.cas.client.validation.Assertion;
|
||||
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
|
||||
import org.jasig.cas.client.validation.TicketValidationException;
|
||||
import org.jasig.cas.client.validation.TicketValidator;
|
||||
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
|
||||
|
||||
import com.jeesite.common.codec.EncodeUtils;
|
||||
import com.jeesite.common.collect.MapUtils;
|
||||
import com.jeesite.common.lang.ObjectUtils;
|
||||
@@ -35,6 +19,20 @@ import com.jeesite.modules.sys.service.EmpUserService;
|
||||
import com.jeesite.modules.sys.service.UserService;
|
||||
import com.jeesite.modules.sys.utils.LogUtils;
|
||||
import com.jeesite.modules.sys.utils.UserUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.cas.CasToken;
|
||||
import org.jasig.cas.client.authentication.AttributePrincipal;
|
||||
import org.jasig.cas.client.validation.Assertion;
|
||||
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
|
||||
import org.jasig.cas.client.validation.TicketValidationException;
|
||||
import org.jasig.cas.client.validation.TicketValidator;
|
||||
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.validation.ValidationException;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 系统认证授权实现类
|
||||
@@ -181,20 +179,11 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm {
|
||||
|
||||
@Override
|
||||
public void onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) {
|
||||
super.onLoginSuccess(loginInfo, request);
|
||||
|
||||
// 单点登录登出句柄(登录时注入session),在这之前必须获取下授权信息
|
||||
String ticket = loginInfo.getParam("ticket");
|
||||
casOutHandler.recordSession(request, ticket);
|
||||
//System.out.print("__sid: "+request.getSession().getId());
|
||||
//System.out.println(" == "+UserUtils.getSession().getId());
|
||||
|
||||
// 更新登录IP、时间、会话ID等
|
||||
User user = UserUtils.get(loginInfo.getId());
|
||||
getUserService().updateUserLoginInfo(user);
|
||||
|
||||
// 记录用户登录日志
|
||||
LogUtils.saveLog(user, ServletUtils.getRequest(), "系统登录", Log.TYPE_LOGIN_LOGOUT);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
Reference in New Issue
Block a user