NutzCN Logo
问答 SecurityUtils.getSubject(); subject失效的时间是谁在控制
发布于 1614天前 作者 qq_28b95d2d 6330 次浏览 复制 上一个帖子 下一个帖子
标签:

// 忽略AJAX请求
if (!"XMLHttpRequest".equalsIgnoreCase(context.getRequest().getHeader("x-requested-with"))) {
Subject currentUser1 = SecurityUtils.getSubject();
if (currentUser1 != null) {
Sys_user user1 = (Sys_user) currentUser.getPrincipal();
if (user1 != null) {
context.getRequest().setAttribute("app_path", getMenu(StringUtils.getPath(context.getPath()), user.getIdMenus()));
} else {
return new ServerRedirectView("/private/login");
}
} else {
return new ServerRedirectView("/private/login");
}
}
return null;
感觉过个5分钟左右就 return new ServerRedirectView("/private/login"),怎么让user1一直不为空

10 回复

shiro.ini里面有设置

sessionIdCookie.maxAge=1800 这个?

@qq_28b95d2d 恩,秒数咯

@wendal

[main]
sessionManager.sessionValidationInterval=1800000
sessionManager.globalSessionTimeout=1800000
#sessionManager.sessionIdCookie.domain=wizzer.cn
sessionManager.sessionIdCookie.name=jsid
sessionManager.sessionIdCookie.path=/
sessionManager.sessionIdCookie.maxAge=-1


sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=nutzfw
#sessionIdCookie.domain=wizzer.cn
#sessionIdCookie.path=
#sessionIdCookie.maxAge=1800
sessionIdCookie.httpOnly=true
#bak...




securityManager.sessionManager=$sessionManager
sessionManager=handler.SessionManager
#sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionManager.sessionDAO = $sessionDAO
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.sessionIdGenerator=$sessionIdGenerator
sessionIdGenerator=handler.JavaUuidSessionIdGenerator



#sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
#sessionListener1 = cn.wizzer.common.shiro.listener.MySessionListener
#sessionManager.sessionListeners = $sessionListener1
#sessionManager.globalSessionTimeout=50000
#securityManager.sessionManager=$sessionManager


sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
sha256Matcher.storedCredentialsHexEncoded = false
sha256Matcher.hashIterations = 1024
sha256Matcher.hashSalted = true


nutzAuthoRealm = cn.wizzer.common.shiro.realm.NutAuthoDaoRealm
shiroDbRealm = cn.wizzer.common.shiro.realm.NutDaoRealm
shiroDbRealm.credentialsMatcher = $sha256Matcher
webserviceRealm = cn.wizzer.common.shiro.realm.UsernamePasswordRealm
webserviceRealm.credentialsMatcher = $sha256Matcher

#sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
#securityManager.sessionManager.sessionDAO = $sessionDAO
cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
cacheManager.cacheManagerConfigFile=classpath:ehcache.xml

securityManager.realms = $shiroDbRealm,$nutzAuthoRealm,$webserviceRealm
authcStrategy = cn.wizzer.common.shiro.authc.pam.AnySuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
securityManager.cacheManager = $cacheManager

authc = cn.wizzer.common.mvc.filter.CaptchaFormAuthenticationFilter
authc.loginUrl  = /private/login
logout.redirectUrl= /private/login

[urls]
/private/doLogin    = anon
/private/language   = anon
/include/**         = anon
/**                 = anon
/private/**         = authc

设置sessionManager.sessionIdCookie.maxAge=-1过两分钟又跳到登录页面,为什么

之前是好的?最近做了什么修改?

@wendal
之前也没改过这个,最近加了下面两段:
sessionManager.sessionValidationInterval=1800000
sessionManager.globalSessionTimeout=1800000

sessionManager.sessionIdCookie.domain=wizzer.cn

sessionManager.sessionIdCookie.name=jsid
sessionManager.sessionIdCookie.path=/
sessionManager.sessionIdCookie.maxAge=-1

securityManager.sessionManager=$sessionManager
sessionManager=handler.SessionManager

sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager

sessionManager.sessionDAO = $sessionDAO
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.sessionIdGenerator=$sessionIdGenerator
sessionIdGenerator=handler.JavaUuidSessionIdGenerator

去掉sessionManager.sessionIdCookie.domain

@wendal
sessionManager.sessionIdCookie.domain注释掉了呀

@wendal
[main]
sessionManager.sessionValidationInterval=1800000
sessionManager.globalSessionTimeout=1800000

sessionManager.sessionIdCookie.domain=wizzer.cn

sessionManager.sessionIdCookie.name=jsid
sessionManager.sessionIdCookie.path=/

securityManager.sessionManager=$sessionManager
sessionManager=handler.SessionManager

sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager

sessionManager.sessionDAO = $sessionDAO
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.sessionIdGenerator=$sessionIdGenerator
sessionIdGenerator=handler.JavaUuidSessionIdGenerator

```sorry ,没贴好

@wendal
[main]
sessionManager.sessionValidationInterval=1800000
sessionManager.globalSessionTimeout=1800000
sessionManager.sessionIdCookie.name=jsid
sessionManager.sessionIdCookie.path=/

securityManager.sessionManager=$sessionManager
sessionManager=handler.SessionManager
sessionManager.sessionDAO = $sessionDAO
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.sessionIdGenerator=$sessionIdGenerator
sessionIdGenerator=handler.JavaUuidSessionIdGenerator

```
其实是这个样子的,--_--

添加回复
请先登陆
回到顶部