diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/filter/CasFilter.java b/modules/core/src/main/java/com/jeesite/common/shiro/filter/CasFilter.java index 2a42448a..ce2b2ac5 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/filter/CasFilter.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/filter/CasFilter.java @@ -4,19 +4,19 @@ */ package com.jeesite.common.shiro.filter; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - +import com.jeesite.common.lang.ExceptionUtils; +import com.jeesite.common.lang.StringUtils; +import com.jeesite.common.shiro.realm.BaseAuthorizingRealm; +import com.jeesite.modules.sys.utils.UserUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.subject.Subject; import org.apache.shiro.web.util.WebUtils; -import com.jeesite.common.lang.ExceptionUtils; -import com.jeesite.common.lang.StringUtils; -import com.jeesite.common.shiro.realm.BaseAuthorizingRealm; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; /** * CAS过滤器 @@ -25,12 +25,15 @@ import com.jeesite.common.shiro.realm.BaseAuthorizingRealm; */ @SuppressWarnings("deprecation") public class CasFilter extends org.apache.shiro.cas.CasFilter { + + private BaseAuthorizingRealm authorizingRealm; /** * 登录成功调用事件 */ @Override protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception { + authorizingRealm.onLoginSuccess(UserUtils.getLoginInfo(), (HttpServletRequest)request); return FormFilter.onLoginSuccess((HttpServletRequest)request, (HttpServletResponse)response); } @@ -66,7 +69,7 @@ public class CasFilter extends org.apache.shiro.cas.CasFilter { } public void setAuthorizingRealm(BaseAuthorizingRealm authorizingRealm) { - + this.authorizingRealm = authorizingRealm; } } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java index de608ad4..ab67fa10 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java @@ -4,22 +4,6 @@ */ package com.jeesite.common.shiro.realm; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.validation.ValidationException; - -import org.apache.shiro.authc.AuthenticationException; -import org.apache.shiro.authc.AuthenticationInfo; -import org.apache.shiro.authc.AuthenticationToken; -import org.apache.shiro.cas.CasToken; -import org.jasig.cas.client.authentication.AttributePrincipal; -import org.jasig.cas.client.validation.Assertion; -import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; -import org.jasig.cas.client.validation.TicketValidationException; -import org.jasig.cas.client.validation.TicketValidator; -import org.springframework.beans.factory.NoSuchBeanDefinitionException; - import com.jeesite.common.codec.EncodeUtils; import com.jeesite.common.collect.MapUtils; import com.jeesite.common.lang.ObjectUtils; @@ -35,6 +19,20 @@ import com.jeesite.modules.sys.service.EmpUserService; import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.LogUtils; import com.jeesite.modules.sys.utils.UserUtils; +import org.apache.shiro.authc.AuthenticationException; +import org.apache.shiro.authc.AuthenticationInfo; +import org.apache.shiro.authc.AuthenticationToken; +import org.apache.shiro.cas.CasToken; +import org.jasig.cas.client.authentication.AttributePrincipal; +import org.jasig.cas.client.validation.Assertion; +import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; +import org.jasig.cas.client.validation.TicketValidationException; +import org.jasig.cas.client.validation.TicketValidator; +import org.springframework.beans.factory.NoSuchBeanDefinitionException; + +import javax.servlet.http.HttpServletRequest; +import javax.validation.ValidationException; +import java.util.Map; /** * 系统认证授权实现类 @@ -181,20 +179,11 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm { @Override public void onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLoginSuccess(loginInfo, request); - // 单点登录登出句柄(登录时注入session),在这之前必须获取下授权信息 String ticket = loginInfo.getParam("ticket"); casOutHandler.recordSession(request, ticket); //System.out.print("__sid: "+request.getSession().getId()); //System.out.println(" == "+UserUtils.getSession().getId()); - - // 更新登录IP、时间、会话ID等 - User user = UserUtils.get(loginInfo.getId()); - getUserService().updateUserLoginInfo(user); - - // 记录用户登录日志 - LogUtils.saveLog(user, ServletUtils.getRequest(), "系统登录", Log.TYPE_LOGIN_LOGOUT); } @Override