本文整理汇总了Java中org.apache.shiro.subject.Subject.isAuthenticated方法的典型用法代码示例。如果您正苦于以下问题:Java Subject.isAuthenticated方法的具体用法?Java Subject.isAuthenticated怎么用?Java Subject.isAuthenticated使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.shiro.subject.Subject的用法示例。
在下文中一共展示了Subject.isAuthenticated方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getGroups
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@ApiOperation("获取小组列表")
@GetMapping
public ResponseEntity getGroups(@RequestParam("page") int page,
@RequestParam("page_size") int pageSize,
@RequestParam(name = "owner", required = false, defaultValue = "0") int owner) {
if (owner > 0) {
// 鉴权
Subject subject = SecurityUtils.getSubject();
if (! subject.isAuthenticated()) {
throw new UnauthorizedException();
}
int uid = SessionHelper.get().getUid();
if (uid != owner) {
throw new UnauthorizedException();
}
PageRowBounds pager = new PageRowBounds(page, pageSize);
List<GroupEntity> groups = groupService.getGroups(uid, pager);
Map<String, Object> data = new HashMap<>(2);
data.put("data", groups);
data.put("total", pager.getTotal());
return new ResponseEntity(data);
} else {
return new ResponseEntity(new ArrayList<>());
}
}
示例2: login
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(@Valid LoginAO loginForm, BindingResult result) {
if (result.hasErrors()) {
return "login";
}
UsernamePasswordToken token = new UsernamePasswordToken(loginForm.getUserName(), loginForm.getPassword());
Subject subject = SecurityUtils.getSubject();
subject.login(token);
if (subject.isAuthenticated()) {
//登录成功,数据初始化
//1,session信息,用户名,上次登录时间信息
//2,菜单列表信息
//3,系统该要信息,待办事项
return "redirect:/index";
} else {
token.clear();
return "login";
}
}
示例3: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request,
ServletResponse response, Object mappedValue) {
Subject subject = getSubject(request, response);
// 如果 isAuthenticated 为 false 证明不是登录过的,同时 isRememberd 为true 证明是没登陆直接通过记住我功能进来的
if (!subject.isAuthenticated() && subject.isRemembered()) {
// 获取session的USERSESSION属性来看session是不是空的
if(null == ShiroAuthenticationManager.getSessionAttribute(ShiroUtils.USERSESSION))
{
// 初始化
UserEntity userEntity = (UserEntity) subject.getPrincipal();
ShiroAuthenticationManager.setSessionAttribute(ShiroUtils.USERSESSION, userEntity);
}
}
// 这个方法本来只返回 subject.isAuthenticated() 现在我们加上 subject.isRemembered()
// 让它同时也兼容remember这种情况
return subject.isAuthenticated() || subject.isRemembered();
}
示例4: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
Subject subject = getSubject(request, response);
Session session = subject.getSession();
// 判断请求类型
String upmsType = PropertiesFileUtil.getInstance("zheng-upms-client").get("zheng.upms.type");
session.setAttribute(UpmsConstant.UPMS_TYPE, upmsType);
if ("client".equals(upmsType)) {
return validateClient(request, response);
}
if ("server".equals(upmsType)) {
return subject.isAuthenticated();
}
return false;
}
示例5: doGet
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Subject subject = SecurityUtils.getSubject();
if (subject.isAuthenticated()) {
subject.logout(); // session 会销毁,在SessionListener监听session销毁,清理权限缓存
System.out.println("退出成功");
}
response.sendRedirect("login.jsp");
}
示例6: auth
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
public static void auth(final String[] filters) {
final Filter f = (req, res) -> {
final Subject currentUser = SecurityUtils.getSubject();
if (!currentUser.isAuthenticated()) {
// 未授权
halt(401, "You don't have permission to access it.");
}
};
// add auth before protected routes.
for (String filter : filters) {
before(filter, f);
}
}
示例7: index
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@RequestMapping("")
public String index(HttpServletRequest request, String redirectUrl, Model model) {
if (redirectUrl != null && !redirectUrl.startsWith(request.getContextPath() + "/")) {
redirectUrl = null;
}
Subject subject = SecurityUtils.getSubject();
if(subject.isAuthenticated()){
return "redirect:/";
}
model.addAttribute("captchaId", UUID.randomUUID().toString());
model.addAttribute("redirectUrl", redirectUrl);
return "/login/index";
}
示例8: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
Subject subject = getSubject(request, response);
Session session = subject.getSession();
// 判断请求类型
String upmsType = PropertiesFileUtil.getInstance("lambo-upms-client").get("lambo.upms.type");
session.setAttribute(UpmsConstant.UPMS_TYPE, upmsType);
if ("client".equals(upmsType)) {
return validateClient(request, response);
}
if ("server".equals(upmsType)) {
return subject.isAuthenticated();
}
return false;
}
示例9: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
// 是登录页面 则直接返回true
if (isLoginRequest(request, response)) {
return true;
} else {
// 获取主题
Subject subject = getSubject(request, response);
// 如果用户【未认证】 但是用户使用【记住我】功能
if (!subject.isAuthenticated() && subject.isRemembered()) {
// 获取rememberMe的用户名称
Object principal = subject.getPrincipal();
if (null != principal) {
//从session中 获取登录用户信息
//Session session = subject.getSession(true);
//User sessionUser = (User) session.getAttribute(User.SESSION_USER);
//如果session不保存用户信息;则从数据库中获取
//if (sessionUser == null) {
// sessionUser = userService.getUserByName(String.valueOf(principal));
// subject.getSession().setAttribute(User.SESSION_USER, sessionUser);
//}
return true;
}
}
}
return true;
}
示例10: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
HttpServletRequest req = (HttpServletRequest) request;
System.out.println("验证登陆信息==" + req.getRequestURI());
System.out.println("sessionId==" + req.getSession().getId());
Subject currentUser = SecurityUtils.getSubject();
if (null != currentUser) {
if (currentUser.isAuthenticated() || currentUser.isRemembered()) {
return true;
}
}
// 返回false表示不执行后续的过滤器
return false;
}
示例11: login
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* @return
*/
@RequestMapping(method = RequestMethod.GET)
public String login() {
Subject subjec = SecurityUtils.getSubject();
if (subjec != null && subjec.isAuthenticated()) {
return "redirect:/admin";
}
return "login";
}
示例12: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 判断是否让用户登陆
*/
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
Subject subject = getSubject(request, response);
return subject.isAuthenticated() || subject.isRemembered();
}
示例13: isAccessAllowed
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
protected boolean isAccessAllowed(ServletRequest request,
ServletResponse response, Object mappedValue) {
Subject subject = getSubject(request, response);
return subject.isAuthenticated();
}
示例14: restlogin
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
/**
* 前后端分离的情况之下rest风格登录获取TGT ST
* @Description:TODO
* @author:hsj qq:2356899074
* @time:2017年12月1日 下午2:49:40
* @param req
* @param respon
* @return
* @throws Exception
*/
@RequestMapping("/restlogin")
public String restlogin(HttpServletRequest req,HttpServletResponse respon)throws Exception{
// return RestFulLogin.validateFromCAS("hsjhsj", "hsjhsj");
//校验有没有username和password
String username = "hsjhsj";
UsernamePasswordToken token = new UsernamePasswordToken("hsjhsj","hsjhsj");
//获取当前的Subject
Subject currentUser = SecurityUtils.getSubject();
try {
//在调用了login方法后,SecurityManager会收到AuthenticationToken,并将其发送给已配置的Realm执行必须的认证检查
//每个Realm都能在必要时对提交的AuthenticationTokens作出反应
//所以这一步在调用login(token)方法时,它会走到MyRealm.doGetAuthenticationInfo()方法中,具体验证方式详见此方法
logger.info("对用户[" + username + "]进行登录验证..验证开始");
currentUser.login(token);
logger.info("对用户[" + username + "]进行登录验证..验证通过");
}catch(UnknownAccountException uae){
logger.info("对用户[" + username + "]进行登录验证..验证未通过,未知账户");
return "403";
}catch(IncorrectCredentialsException ice){
logger.info("对用户[" + username + "]进行登录验证..验证未通过,错误的凭证");
return "403";
}catch(LockedAccountException lae){
logger.info("对用户[" + username + "]进行登录验证..验证未通过,账户已锁定");
return "403";
}catch(ExcessiveAttemptsException eae){
logger.info("对用户[" + username + "]进行登录验证..验证未通过,错误次数过多");
return "403";
}catch(AuthenticationException ae){
//通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景
logger.info("对用户[" + username + "]进行登录验证..验证未通过,堆栈轨迹如下");
ae.printStackTrace();
return "403";
}
//验证是否登录成功
if(currentUser.isAuthenticated()){
logger.info("用户[" + username + "]登录认证通过(这里可以进行一些认证通过后的一些系统参数初始化操作)");
return "inde";
}else{
token.clear();
return "403";
}
}
示例15: login
import org.apache.shiro.subject.Subject; //导入方法依赖的package包/类
@RequestMapping(value="/login", method=RequestMethod.POST)
public String login(String username, String password, HttpServletRequest request){
System.out.println("-------------------------------------------------------");
String rand = (String)request.getSession().getAttribute("rand");
String captcha = WebUtils.getCleanParam(request, "captcha");
System.out.println("用户["+username+"]登录时输入的验证码为["+captcha+"],HttpSession中的验证码为["+rand+"]");
if(!StringUtils.equals(rand, captcha)){
request.setAttribute("message_login", "验证码不正确");
return InternalResourceViewResolver.FORWARD_URL_PREFIX + "/";
}
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
token.setRememberMe(true);
System.out.print("为验证登录用户而封装的Token:");
System.out.println(ReflectionToStringBuilder.toString(token, ToStringStyle.MULTI_LINE_STYLE));
//获取当前的Subject
Subject currentUser = SecurityUtils.getSubject();
try {
//在调用了login方法后,SecurityManager会收到AuthenticationToken,并将其发送给已配置的Realm执行必须的认证检查
//每个Realm都能在必要时对提交的AuthenticationTokens作出反应
//所以这一步在调用login(token)方法时,它会走到MyRealm.doGetAuthenticationInfo()方法中,具体验证方式详见此方法
System.out.println("对用户[" + username + "]进行登录验证...验证开始");
currentUser.login(token);
System.out.println("对用户[" + username + "]进行登录验证...验证通过");
}catch(UnknownAccountException uae){
System.out.println("对用户[" + username + "]进行登录验证...验证未通过,未知账户");
request.setAttribute("message_login", "未知账户");
}catch(IncorrectCredentialsException ice){
System.out.println("对用户[" + username + "]进行登录验证...验证未通过,错误的凭证");
request.setAttribute("message_login", "密码不正确");
}catch(LockedAccountException lae){
System.out.println("对用户[" + username + "]进行登录验证...验证未通过,账户已锁定");
request.setAttribute("message_login", "账户已锁定");
}catch(ExcessiveAttemptsException eae){
System.out.println("对用户[" + username + "]进行登录验证...验证未通过,错误次数过多");
request.setAttribute("message_login", "用户名或密码错误次数过多");
}catch(AuthenticationException ae){
//通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景
System.out.println("对用户[" + username + "]进行登录验证...验证未通过,堆栈轨迹如下");
ae.printStackTrace();
request.setAttribute("message_login", "用户名或密码不正确");
}
//验证是否登录成功
if(currentUser.isAuthenticated()){
System.out.println("用户[" + username + "]登录认证通过(这里可进行一些认证通过后的系统参数初始化操作)");
return "main";
}else{
token.clear();
return InternalResourceViewResolver.FORWARD_URL_PREFIX + "/";
}
}