Springboot+shiro登出的两种方式
第一种, 利用shiro自带的登出处理, 在filter表里加上登出的过滤,如下代码中的filterChainDefinitionMap.put("/auth/logout", "logout");
@Bean("shiroFilter")
public ShiroFilterFactoryBean shirFilter(DefaultWebSecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl("/login");
shiroFilterFactoryBean.setSuccessUrl("/index");
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
LinkedHashMap filterChainDefinitionMap = new LinkedHashMap<>();
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/docs/**", "anon");
filterChainDefinitionMap.put("/druid/**", "anon");
filterChainDefinitionMap.put("/upload/**", "anon");
filterChainDefinitionMap.put("/files/**", "anon");
filterChainDefinitionMap.put("/auth/logout", "logout");
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/blog", "anon");
filterChainDefinitionMap.put("/blog/open/**", "anon");
//filterChainDefinitionMap.put("/**", "authc");
filterChainDefinitionMap.put("/**", "anon");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
} shiro会拦截/auth/logout,并作出logout运作,完毕后会返回主页,所以如果在主页里再次返回重新登录的页面,则需要做一下跳转:
@RequestMapping("/")
public void defaultPage(HttpServletResponse response){
response.setStatus(302);
//response.setStatusCode(HttpStatus.FOUND);
response.setHeader("location", Util.fillNullStr(mContextPath)+ mLoginPage);
}
如果登出操作中还需要做额外的处理时,需要自己处理, 那就自己写controller路由实现 :
如果需要手动处理登出就开启这个
@RequestMapping("/logout")
public void logout(HttpServletResponse response) {
Subject lvSubject=SecurityUtils.getSubject();
lvSubject.logout();
response.setStatus(302);
//response.setStatusCode(HttpStatus.FOUND);
response.setHeader("location", Util.fillNullStr(mContextPath)+ mLoginPage);
}