Shirologout302重定向，shiro302解决方案

本文主要介绍关于Shiro,Shiro302跳转,Shiro重定向,ShiroLogout302,蕃薯耀的知识点，对【Shiro logout 302重定向，shiro 302解决方案】和【】有兴趣的朋友可以看下由【蕃薯耀】投稿的技术文章，希望该技术和经验能帮到你解决你所遇的java,SpringBoot,蕃薯耀分享相关技术问题。

================================

©Copyright 蕃薯耀 2022-04-09

蕃薯耀的博客_CSDN博客

一、问题描述

当登录退出为Ajax请求时，使用Shiro的logout退出登录，会发生302重定向，导致不能正常退出。

二、解决方案

1、重写LogoutFilter 过滤器

import java.util.Locale;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.session.SessionException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.lqy.shiro.bean.Result;
import com.lqy.shiro.utils.RequestUtils;

/**
 * 重写shiro logout逻辑，避免是Ajax请求发生302重定向问题
 * @author islee
 *
 */
public class ShiroLogoutFilter extends LogoutFilter {

	private static final Logger log = LoggerFactory.getLogger(ShiroLogoutFilter.class);
	
	@Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {

		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;
		
        Subject subject = getSubject(request, response);

        // Check if POST only logout is enabled
        if (isPostOnlyLogout()) {

            // check if the current request's method is a POST, if not redirect
            if (!WebUtils.toHttp(request).getMethod().toUpperCase(Locale.ENGLISH).equals("POST")) {
               return onLogoutRequestNotAPost(request, response);
            }
        }

        String redirectUrl = getRedirectUrl(request, response, subject);
        
        try {
            subject.logout();
            
        } catch (SessionException ise) {
        	
            log.debug("Encountered session exception during logout.  This can generally safely be ignored.", ise);
        }
        
        if(RequestUtils.isAjaxOrJsonRequest(req)) {
			RequestUtils.write(res, Result.ok("退出登录"));
			
		}else {
			issueRedirect(request, response, redirectUrl);
		}
        
        return false;
    }
	
}

核心代码是：

if(RequestUtils.isAjaxOrJsonRequest(req)) {
    RequestUtils.write(res, Result.ok("退出登录"));
			
}else {
    issueRedirect(request, response, redirectUrl);
}

判断是否为Ajax请求或者是Json请求，如果是，返回json字符串，否则默认进行登录跳转，即302重定向。

2、配置LogoutFilter 过滤器（ShiroLogoutFilter）

    @Bean
	public ShiroFilterFactoryBean shiroFilterFactoryBean () {
		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		
		
		//自定义过滤器
		LinkedHashMap
  
    filtsMap=new LinkedHashMap
   
    (); filtsMap.put("logout",new ShiroLogoutFilter() ); shiroFilterFactoryBean.setFilters(filtsMap); return shiroFilterFactoryBean; }
   
  

 （时间宝贵，分享不易，捐赠回馈，^_^）

================================

©Copyright 蕃薯耀 2022-04-09

蕃薯耀的博客_CSDN博客

本文《Shiro logout 302重定向，shiro 302解决方案》版权归蕃薯耀所有，引用Shiro logout 302重定向，shiro 302解决方案需遵循CC 4.0 BY-SA版权协议。