spring中 shiro logout 配置方式有两种方式实现logout
1. 普通的action中 实现自己的logout方法,取到Subject,然后logout
@RequestMapping(value = "${adminPath}/logout", method = )
public String logout(HttpServletRequest request, HttpServletResponse response, Model model) throws IOException {
Principal principal = ();
// 如果已经登录,则跳转到管理首页
if(principal != null){
().logout();
}
return "redirect:" + adminPath+"/login";
}
这种需要在ShiroFilterFactoryBean 中配置 filterChainDefinitions
对应的action的url为anon
<bean name="shiroFilterChainDefinitions" class="">
<constructor-arg>
<value>
/static/** = anon
/userfiles/** = anon
${adminPath}/cas = cas
${adminPath}/login = authc
${adminPath}/logout = anno
${adminPath}/** = user
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
</value>
</constructor-arg>
</bean>
2. 使用shiro提供的logout filter 需要定义 相应的bean
<<bean class="">
<property name="securityManager" ref="securityManager" /><!--
<property name="loginUrl" value="${}?service=${}${adminPath}/cas" /> -->
<property name="loginUrl" value="${adminPath}/login" />
<property name="successUrl" value="${adminPath}?login" />
<property name="filters">
<map>
<entry key="cas" value-ref="casFilter"/>
<entry key="authc" value-ref="formAuthenticationFilter"/>
<entry key="logout" value-ref="logoutFilter" />
</map>
</property>
<property name="filterChainDefinitions">
<ref bean="shiroFilterChainDefinitions"/>
</property>
</bean>对应在 shiroFilterChainDefinitions中将对应的url改为logout
<bean name="shiroFilterChainDefinitions" class="">
<constructor-arg>
<value>
/static/** = anon
/userfiles/** = anon
${adminPath}/cas = cas
${adminPath}/login = authc
${adminPath}/logout = logout
${adminPath}/** = user
/act/rest/service/editor/** = perms[act:model:edit]
/act/rest/service/model/** = perms[act:model:edit]
/act/rest/service/** = user
/ReportServer/** = user
</value>
</constructor-arg>
</bean><bean class=""> <property name="redirectUrl" value="${adminPath}/login" /> </bean>