shiro 拦截 ajax 无权限

前端之家收集整理的这篇文章主要介绍了shiro 拦截 ajax 无权限前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

1.shrio filterAccessControlFilter

重写 方法 :protected abstract boolean onAccessDenied(ServletRequest request,ServletResponse response) throws Exception

@Override
	protected boolean onAccessDenied(ServletRequest servletRequest,ServletResponse servletResponse) throws Exception {

		HttpServletRequest request = (HttpServletRequest) servletRequest;
		HttpServletResponse response = (HttpServletResponse) servletResponse;
		if (!"XMLHttpRequest".equalsIgnoreCase(request
				.getHeader("X-Requested-With"))) {// 不是ajax请求
			return super.onAccessDenied(servletRequest,servletResponse);
		}
		String url = request.getRequestURL().toString();
		String contextPath = request.getContextPath();
		url = url.substring(0,(url.indexOf(contextPath) + contextPath.length()));
		String urls = casUrl + "/login?service=" + url;
		log.info("ajax session timeout url-----------" + urls);
		response.setContentType("text/html;charset=UTF-8");
		response.getWriter().write(urls);
		return false;
	}

把要跳转的路径 返回给ajax;

ajax 在error中 接收:

$.ajax({
		type : "post",data : paramsStr,url : reqUrl,dataType : "json",success : function(jsonData) {
			callback(jsonData);
		},error : function(e) {
			var errorText = e.responseText;
			if (errorText != undefined && errorText != ""
					&& errorText.indexOf("login?service") > 0) {
				window.location.href = e.responseText;
			} else {
				alertOperFailure();
			}
		}
	});

猜你在找的Ajax相关文章