您的位置: 首页  >  IT文章  >  shiro 阻截 ajax 无权限

shiro 阻截 ajax 无权限

分类: IT文章 2022-04-13 22:58:05

shiro 阻截 ajax 无权限

shiro 拦截 ajax 无权限

1.shrio  filter AccessControlFilter

重写  方法 :protected abstract boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception

 

@Override
	protected boolean onAccessDenied(ServletRequest servletRequest,
			ServletResponse servletResponse) throws Exception {

		HttpServletRequest request = (HttpServletRequest) servletRequest;
		HttpServletResponse response = (HttpServletResponse) servletResponse;
		if (!"XMLHttpRequest".equalsIgnoreCase(request
				.getHeader("X-Requested-With"))) {// 不是ajax请求
			return super.onAccessDenied(servletRequest, servletResponse);
		}
		String url = request.getRequestURL().toString();
		String contextPath = request.getContextPath();
		url = url.substring(0,
				(url.indexOf(contextPath) + contextPath.length()));
		String urls = casUrl + "/login?service=" + url;
		log.info("ajax session timeout url-----------" + urls);
		response.setContentType("text/html;charset=UTF-8");
		response.getWriter().write(urls);
		return false;
	}

  把要跳转的路径 返回给ajax;

ajax 在error中 接收:

$.ajax({
		type : "post",
		data : paramsStr,
		url : reqUrl,
		dataType : "json",
		success : function(jsonData) {
			callback(jsonData);
		},
		error : function(e) {
			var errorText = e.responseText;
			if (errorText != undefined && errorText != ""
					&& errorText.indexOf("login?service") > 0) {
				window.location.href = e.responseText;
			} else {
				alertOperFailure();
			}
		}
	});

 

相关推荐