//package com.dsh.guns.core.intercept;/*
|
// * Licensed to the Apache Software Foundation (ASF) under one
|
// * or more contributor license agreements. See the NOTICE file
|
// * distributed with this work for additional information
|
// * regarding copyright ownership. The ASF licenses this file
|
// * to you under the Apache License, Version 2.0 (the
|
// * "License"); you may not use this file except in compliance
|
// * with the License. You may obtain a copy of the License at
|
// *
|
// * http://www.apache.org/licenses/LICENSE-2.0
|
// *
|
// * Unless required by applicable law or agreed to in writing,
|
// * software distributed under the License is distributed on an
|
// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
// * KIND, either express or implied. See the License for the
|
// * specific language governing permissions and limitations
|
// * under the License.
|
// */
|
//
|
//
|
//import javax.servlet.ServletRequest;
|
//import javax.servlet.ServletResponse;
|
//import javax.servlet.http.HttpServletRequest;
|
//import javax.servlet.http.HttpServletResponse;
|
//
|
///**
|
// * Filter that allows access to resources if the accessor is a known user, which is defined as
|
// * having a known principal. This means that any user who is authenticated or remembered via a
|
// * 'remember me' feature will be allowed access from this filter.
|
// * <p/>
|
// * If the accessor is not a known user, then they will be redirected to the {@link #setLoginUrl(String) loginUrl}</p>
|
// *
|
// * @since 0.9
|
// */
|
//public class GunsUserFilter extends AccessControlFilter {
|
//
|
// /**
|
// * Returns <code>true</code> if the request is a
|
// * {@link #isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse) loginRequest} or
|
// * if the current {@link #getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse) subject}
|
// * is not <code>null</code>, <code>false</code> otherwise.
|
// *
|
// * @return <code>true</code> if the request is a
|
// * {@link #isLoginRequest(javax.servlet.ServletRequest, javax.servlet.ServletResponse) loginRequest} or
|
// * if the current {@link #getSubject(javax.servlet.ServletRequest, javax.servlet.ServletResponse) subject}
|
// * is not <code>null</code>, <code>false</code> otherwise.
|
// */
|
// protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
|
// if (isLoginRequest(request, response)) {
|
// return true;
|
// } else {
|
// Subject subject = getSubject(request, response);
|
// // If principal is not null, then the user is known and should be allowed access.
|
// return subject.getPrincipal() != null;
|
// }
|
// }
|
//
|
// /**
|
// * This default implementation simply calls
|
// * {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse) saveRequestAndRedirectToLogin}
|
// * and then immediately returns <code>false</code>, thereby preventing the chain from continuing so the redirect may
|
// * execute.
|
// */
|
// protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
// HttpServletRequest httpServletRequest = WebUtils.toHttp(request);
|
// HttpServletResponse httpServletResponse = WebUtils.toHttp(response);
|
//
|
// /**
|
// * 如果是ajax请求则不进行跳转
|
// */
|
// if (httpServletRequest.getHeader("x-requested-with") != null
|
// && httpServletRequest.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest")) {
|
// httpServletResponse.setHeader("sessionstatus", "timeout");
|
// return false;
|
// } else {
|
//
|
// /**
|
// * 第一次点击页面
|
// */
|
// String referer = httpServletRequest.getHeader("Referer");
|
// if (referer == null) {
|
// saveRequestAndRedirectToLogin(request, response);
|
// return false;
|
// } else {
|
//
|
// /**
|
// * 从别的页面跳转过来的
|
// */
|
//// ShiroKit.getSession().getAttribute("sessionFlag") == null
|
// if (false) {
|
// httpServletRequest.setAttribute("tips", "请重新登录");
|
// httpServletRequest.getRequestDispatcher("/login").forward(request, response);
|
// return false;
|
// } else {
|
// saveRequestAndRedirectToLogin(request, response);
|
// return false;
|
// }
|
// }
|
// }
|
// }
|
//}
|
