管理员Superadmin 登录 在线 管理员admin也登录在线
superadmin把admin删掉过后 admin还能继续操作 请问一下我要怎么使他及时调到登录页面呢??
初学者 求帮助
18 回复
@wendal public View match(ActionContext context) {
Subject currentUser = SecurityUtils.getSubject();
if (currentUser != null) {
Sys_user user = (Sys_user) currentUser.getPrincipal();
if (user != null) {
context.getRequest().setAttribute("uid",user==null?"":user.getId());
}
else {
return new ServerRedirectView("/private/login");
}
} else {
return new ServerRedirectView("/private/login");
}
return null;
}
}
我这样写的拦截器 不起作用? 哪里有错吗?
@wendal
public View match(ActionContext context) {
//忽略AJAX请求
if (!"XMLHttpRequest".equalsIgnoreCase(context.getRequest().getHeader("x-requested-with"))) {
Subject currentUser = SecurityUtils.getSubject();
if (currentUser != null) {
Sys_user user = (Sys_user) currentUser.getPrincipal();
if (user != null) {
context.getRequest().setAttribute("uid",user==null?"":user.getId());
}
else {
currentUser .logout();
return new ServerRedirectView("/private/login");
}
} else {
return new ServerRedirectView("/private/login");
}
}
return null;
}
这样还是不对
话说, 这拦截器代码依然不对, 只是从shiro中取出user实例,但没有到数据库去检查该用户是否存在
//忽略AJAX请求??? 为啥忽略ajax请求??
if (!"XMLHttpRequest".equalsIgnoreCase(context.getRequest().getHeader("x-requested-with"))) {
Subject currentUser = SecurityUtils.getSubject();
if (currentUser != null) {
Sys_user user = (Sys_user) currentUser.getPrincipal();
if (user != null) {
// 到数据库查一下用户是否还存在, TODO 在session中存放时间戳,减少查询次数
if (dao.count(User.class, user.getId()) == 0) {
currentUser .logout();
return new ServerRedirectView("/private/login");
}
context.getRequest().setAttribute("uid",user==null?"":user.getId());
}
else {
currentUser .logout();
return new ServerRedirectView("/private/login");
}
} else {
return new ServerRedirectView("/private/login");
}
}
return null;
}
@wendal
public class PrivateFilter implements ActionFilter {
private static final Log log = Logs.get();
@Inject
UserService userService;
public View match(ActionContext context) {
System.out.println("----------------"+userService);
//忽略AJAX请求
if (!"XMLHttpRequest".equalsIgnoreCase(context.getRequest().getHeader("x-requested-with"))) {
Subject currentUser = SecurityUtils.getSubject();
if (currentUser != null) {
Sys_user user = (Sys_user) currentUser.getPrincipal();
if (user != null) {
// 到数据库查一下用户是否还存在, TODO 在session中存放时间戳,减少查询次数
System.out.println(userService);
if(userService!=null){
if (userService.queryId(user.getId())== 0) {
currentUser .logout();
return new ServerRedirectView("/private/login");
}
}
context.getRequest().setAttribute("uid",user==null?"":user.getId());
}
else {
currentUser .logout();
return new ServerRedirectView("/private/login");
}
} else {
return new ServerRedirectView("/private/login");
}
}
return null;
}
}
可以直接注入Dao吗?
@wendal public View match(ActionContext context) {
//忽略AJAX请求
/*if (!"XMLHttpRequest".equalsIgnoreCase(context.getRequest().getHeader("x-requested-with"))) { */
/* } */
Subject currentUser = SecurityUtils.getSubject();
if (currentUser != null) {
Sys_user user = (Sys_user) currentUser.getPrincipal();
if (user != null) {
// 到数据库查一下用户是否还存在, TODO 在session中存放时间戳,减少查询次数
userService = context.getIoc().get(UserService.class);
if (userService.queryId(user.getId())== 0) {
currentUser .logout();
return new ServerRedirectView("beetl:/private/sys/login.html");
}else{
context.getRequest().setAttribute("uid",user==null?"":user.getId());
}
}
else {
currentUser .logout();
return new ServerRedirectView("beetl:/private/sys/login.html");
}
} else {
return new ServerRedirectView("beetl:/private/sys/login.html");
}
return null;
}
我写成这样子就可以了
添加回复
请先登陆