spring中 shiro logout 配置方式

spring中 shiro logout 配置方式有两种方式实现logout

1. 普通的action中 实现自己的logout方法，取到Subject，然后logout

[java] view plain copy

 print?

1. @RequestMapping(value = "${adminPath}/logout", method = RequestMethod.GET)  
2. public String logout(HttpServletRequest request, HttpServletResponse response, Model model) throws IOException {  
3.     Principal principal = UserUtils.getPrincipal();  
4.     // 如果已经登录，则跳转到管理首页  
5.     if(principal != null){  
6.         UserUtils.getSubject().logout();  
7.     }  
8.     return "redirect:" + adminPath+"/login";  
9. }  

这种需要在ShiroFilterFactoryBean 中配置 filterChainDefinitions

对应的action的url为anon

[html] view plain copy

 print?

1. <bean name="shiroFilterChainDefinitions" class="java.lang.String">  
2.         <constructor-arg>  
3.             <value>  
4.                 /static/** = anon  
5.                 /userfiles/** = anon  
6.                 ${adminPath}/cas = cas  
7.                 ${adminPath}/login = authc  
8.                 ${adminPath}/logout = anno  
9.                 ${adminPath}/** = user  
10.                 /act/rest/service/editor/** = perms[act:model:edit]  
11.                 /act/rest/service/model/** = perms[act:model:edit]  
12.                 /act/rest/service/** = user  
13.                 /ReportServer/** = user  
14.             </value>  
15.         </constructor-arg>  
16.     </bean>  

2. 使用shiro提供的logout filter 需要定义 相应的bean

[html] view plain copy

 print?

1. <<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">  
2.         <property name="securityManager" ref="securityManager" /><!--  
3.         <property name="loginUrl" value="${cas.server.url}?service=${cas.project.url}${adminPath}/cas" /> -->  
4.         <property name="loginUrl" value="${adminPath}/login" />  
5.         <property name="successUrl" value="${adminPath}?login" />  
6.         <property name="filters">  
7.             <map>  
8.                 <entry key="cas" value-ref="casFilter"/>  
9.                 <entry key="authc" value-ref="formAuthenticationFilter"/>  
10.                 <entry key="logout" value-ref="logoutFilter" />  
11.             </map>  
12.         </property>  
13.         <property name="filterChainDefinitions">  
14.             <ref bean="shiroFilterChainDefinitions"/>  
15.         </property>  
16.     </bean>  

对应在 shiroFilterChainDefinitions中将对应的url改为logout

[html] view plain copy

 print?

1.    <bean name="shiroFilterChainDefinitions" class="java.lang.String">  
2. <constructor-arg>  
3.     <value>  
4.         /static/** = anon  
5.         /userfiles/** = anon  
6.         ${adminPath}/cas = cas  
7.         ${adminPath}/login = authc  
8.         ${adminPath}/logout = logout  
9.         ${adminPath}/** = user  
10.         /act/rest/service/editor/** = perms[act:model:edit]  
11.         /act/rest/service/model/** = perms[act:model:edit]  
12.         /act/rest/service/** = user  
13.         /ReportServer/** = user  
14.     </value>  
15. </constructor-arg>  
16. lt;/bean>  

并配置loginFilterbean

[html] view plain copy
 print?
<bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter">  
   <property name="redirectUrl" value="${adminPath}/login" />  
</bean>