List of usage examples for org.apache.shiro.web.filter AccessControlFilter GET_METHOD
String GET_METHOD
To view the source code for org.apache.shiro.web.filter AccessControlFilter GET_METHOD.
Click Source Link
From source file:com.kelson.keeku.security.MyFormAuthenticationFilter.java
License:Apache License
@Override protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { String username = getUsername(request); String password = getPassword(request); boolean isAjaxLogin = StringUtils.equals(WebUtils.getCleanParam(request, "ajaxLogin"), "1"); boolean rememberMe = isRememberMe(request); String host = getHost(request); UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe, host); try {/* w ww.jav a 2 s. c om*/ Subject subject = getSubject(request, response); subject.login(token); Session session = subject.getSession(); Integer userId = (Integer) session.getAttribute("userId"); LoggerUtil.operation(Operation.Login, String.valueOf(userId) + "has logined", (HttpServletRequest) request); if (isAjaxLogin) { if (StringUtils.equals(WebUtils.getCleanParam(request, "needRedirect"), "1")) {//when login successfully by ajax login and redirect to backurl SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request); if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) { request.setAttribute("backUrl", savedRequest.getRequestUrl()); } } return true; } else { return onLoginSuccess(token, subject, request, response); } } catch (AuthenticationException e) { if (SecurityUtils.getSubject().getSession(false) != null) { SecurityUtils.getSubject().getSession(false).removeAttribute("userId"); } return onLoginFailure(token, e, request, response); } }