shiro 退出过滤器 logout ---退出清除HTTPSession数据

重写LogouFilter类

import org.apache.shiro.web.filter.authc.LogoutFilter;

public class ShiroLogoutFilter extends LogoutFilter {

    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        //清除HTTPSession的用户信息
        HttpServletRequest httpServletRequest=(HttpServletRequest) request;
        HttpSession session = httpServletRequest.getSession();
        if (session.getAttribute("user")!=null) {
            session.removeAttribute("user");
        }
        System.out.println("=HTTPSession用户数据被清空了=");
        
        return super.preHandle(httpServletRequest, response);
    }

}

 

转载于:https://www.cnblogs.com/vieta/p/11140164.html

你可能感兴趣的:(shiro 退出过滤器 logout ---退出清除HTTPSession数据)