org.apache.shiro.session.SessionException Java Examples
The following examples show how to use
org.apache.shiro.session.SessionException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SystemLogoutFilter.java From Movie_Recommend with MIT License | 6 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
//在这里执行退出系统前需要清空的数据
Subject subject=getSubject(request,response);
String redirectUrl=getRedirectUrl(request,response,subject);
// ServletContext context= request.getServletContext();
try {
subject.logout();
// context.removeAttribute("error");
}catch (SessionException e){
e.printStackTrace();
}
issueRedirect(request,response,redirectUrl);
return false;
}
Example #2
| Source File: ClientAuthenticatorEndpoint.java From super-cloudops with Apache License 2.0 | 6 votes |
|
/**
* IAM client logout
*
* @param request
* @return
*/
@PostMapping(URI_C_LOGOUT)
@ResponseBody
public RespBase<LogoutModel> logout(HttpServletRequest request) {
if (log.isInfoEnabled()) {
log.info("Logout processing... sessionId[{}]", getSessionId());
}
RespBase<LogoutModel> resp = new RespBase<>();
/*
* Local client session logout
*/
try {
// try/catch added for SHIRO-298:
SecurityUtils.getSubject().logout();
} catch (SessionException e) {
log.warn("Logout exception. This can generally safely be ignored.", e);
resp.setCode(RetCode.SYS_ERR);
resp.setMessage(Exceptions.getRootCauseMessage(e));
}
if (log.isInfoEnabled()) {
log.info("Local logout finished. [{}]", resp);
}
return resp;
}
Example #3
| Source File: JsetsLogoutFilter.java From jsets-shiro-spring-boot-starter with Apache License 2.0 | 6 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
Subject subject = getSubject(request, response);
// Check if POST only logout is enabled
if (isPostOnlyLogout()) {
// check if the current request's method is a POST, if not redirect
if (!WebUtils.toHttp(request).getMethod().toUpperCase(Locale.ENGLISH).equals("POST")) {
return onLogoutRequestNotAPost(request, response);
}
}
String redirectUrl = getRedirectUrl(request, response, subject);
//try/catch added for SHIRO-298:
try {
String account = (String) subject.getPrincipal();
subject.logout();
this.authListenerManager.onLogout(request, account);
} catch (SessionException ise) {
LOGGER.debug("Encountered session exception during logout. This can generally safely be ignored.", ise);
}
issueRedirect(request, response, redirectUrl);
return false;
}
Example #4
| Source File: LogoutFilter.java From supplierShop with MIT License | 5 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception
{
try
{
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
try
{
SysUser user = ShiroUtils.getSysUser();
if (StringUtils.isNotNull(user))
{
String loginName = user.getLoginName();
// 记录用户退出日志
AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
// 清理缓存
cache.remove(loginName);
}
// 退出登录
subject.logout();
}
catch (SessionException ise)
{
log.error("logout fail.", ise);
}
issueRedirect(request, response, redirectUrl);
}
catch (Exception e)
{
log.error("Encountered session exception during logout. This can generally safely be ignored.", e);
}
return false;
}
Example #5
| Source File: LogoutFilter.java From frpMgr with MIT License | 5 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
try{
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
//try/catch added for SHIRO-298:
try {
Object principal = subject.getPrincipal();
if (principal != null){
// 记录用户退出日志(@Deprecated v4.0.5支持setAuthorizingRealm,之后版本可删除此if子句)
if (authorizingRealm == null){
LogUtils.saveLog(UserUtils.getUser(), ServletUtils.getRequest(),
"系统退出", Log.TYPE_LOGIN_LOGOUT);
}
// 退出成功之前初始化授权信息并处理登录后的操作
else{
authorizingRealm.onLogoutSuccess((LoginInfo)subject.getPrincipal(),
(HttpServletRequest)request);
}
}
// 退出登录
subject.logout();
} catch (SessionException ise) {
log.debug("Encountered session exception during logout. This can generally safely be ignored.", ise);
}
// 如果是Ajax请求,返回Json字符串。
if (ServletUtils.isAjaxRequest((HttpServletRequest)request)){
ServletUtils.renderResult((HttpServletResponse)response,
Global.TRUE, Global.getText("sys.logout.success"));
return false;
}
issueRedirect(request, response, redirectUrl);
}catch(Exception e){
log.debug("Encountered session exception during logout. This can generally safely be ignored.", e);
}
return false;
}
Example #6
| Source File: LogoutFilter.java From ruoyiplus with MIT License | 5 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception
{
try
{
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
try
{
SysUser user = ShiroUtils.getSysUser();
if (StringUtils.isNotNull(user))
{
String loginName = user.getLoginName();
// 记录用户退出日志
AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
}
// 退出登录
subject.logout();
}
catch (SessionException ise)
{
log.error("logout fail.", ise);
}
issueRedirect(request, response, redirectUrl);
}
catch (Exception e)
{
log.error("Encountered session exception during logout. This can generally safely be ignored.", e);
}
return false;
}
Example #7
| Source File: HomeControllerImpl.java From Goku.Framework.CoreUI with MIT License | 5 votes |
|
@Override
@RequestMapping("/logout")
public String logout() {
Subject currentUser = SecurityUtils.getSubject();
try {
currentUser.logout();
return "login";
} catch (SessionException ise) {
return "500";
} catch (Exception e) {
return "500";
}
}
Example #8
| Source File: LogoutFilter.java From LuckyFrameWeb with GNU Affero General Public License v3.0 | 5 votes |
|
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) {
try
{
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
try
{
User user = ShiroUtils.getSysUser();
if (StringUtils.isNotNull(user))
{
String loginName = user.getLoginName();
// 记录用户退出日志
AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
}
// 退出登录
subject.logout();
}
catch (SessionException ise)
{
log.error("logout fail.", ise);
}
issueRedirect(request, response, redirectUrl);
}
catch (Exception e)
{
log.error("Encountered session exception during logout. This can generally safely be ignored.", e);
}
return false;
}
Example #9
| Source File: HttpRequestSessionManager.java From usergrid with Apache License 2.0 | 5 votes |
|
@Override
public Session getSession( SessionKey key ) throws SessionException {
if ( !WebUtils.isHttp( key ) ) {
String msg = "SessionKey must be an HTTP compatible implementation.";
throw new IllegalArgumentException( msg );
}
HttpServletRequest request = WebUtils.getHttpRequest( key );
return ( Session ) request.getAttribute( REQUEST_ATTRIBUTE_KEY );
}
Example #10
| Source File: CentralAuthenticationHandler.java From super-cloudops with Apache License 2.0 | 4 votes |
|
@Override
public LogoutModel logout(boolean forced, String appName, HttpServletRequest request, HttpServletResponse response) {
log.debug("Logout from: {}, forced: {}, sessionId: {}", appName, forced, getSessionId());
Subject subject = getSubject();
// From client signout
coprocessor.preLogout(new LogoutAuthenticationToken(getPrincipal(false), getHttpRemoteAddr(request)), toHttp(request),
toHttp(response));
// Represents all logout mark.
boolean logoutAllMark = true;
// Gets session bind grantInfo
GrantCredentialsInfo info = getGrantCredentials(subject.getSession());
log.debug("Got grantInfo: {} with sessionId: {}", info, getSessionId(subject));
if (!isNull(info) && info.hasEmpty()) {
// Query applications by bind session names
Set<String> appNames = info.getGrantApps().keySet();
// Cleanup this(Solve the dead cycle).
appNames.remove(config.getServiceName());
List<ApplicationInfo> apps = configurer.findApplicationInfo(appNames.toArray(new String[] {}));
if (!isEmpty(apps)) {
// logout all
logoutAllMark = handleLogoutSessionsAll(subject, info, apps);
} else
log.debug("Not found logout appInfo. appNames: {}", appNames);
}
if (forced || logoutAllMark) {
// Logout all sessions.
try {
/**
* That's the subject Refer to
* {@link com.wl4g.devops.iam.session.mgt.IamServerSessionManager#getSessionId())
* try/catch added for #SHIRO-298:
*/
log.debug("Logouting... sessionId: {}", getSessionId(subject));
subject.logout(); // After that, session is null
} catch (SessionException e) {
log.warn("Encountered session exception during logout. This can generally safely be ignored.", e);
}
}
return isNotBlank(appName) ? new LogoutModel(appName) : new LogoutModel();
}
Example #11
| Source File: KeepOneUserFilter.java From jsets-shiro-spring-boot-starter with Apache License 2.0 | 4 votes |
|
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
Subject subject = getSubject(request, response);
if (!subject.isAuthenticated() && !subject.isRemembered()) {
return this.respondLogin(request, response);
}
String account = (String) subject.getPrincipal();
String loginedSessionId = this.cacheDelegator.getKeepUser(account);
Session loginedSession = null;
Session currentSession = subject.getSession();
String currentSessionId = (String) currentSession.getId();
if(currentSessionId.equals(loginedSessionId)) {
return true;
} else if (Strings.isNullOrEmpty(loginedSessionId)){
this.cacheDelegator.putKeepUser(account, currentSessionId);
return true;
} else if (null==currentSession.getAttribute(ShiroProperties.ATTRIBUTE_SESSION_KICKOUT)) {
this.cacheDelegator.putKeepUser(account, currentSessionId);
try{
loginedSession = this.sessionManager.getSession(new DefaultSessionKey(loginedSessionId));
if(null != loginedSession){
loginedSession.setAttribute(ShiroProperties.ATTRIBUTE_SESSION_KICKOUT,Boolean.TRUE);
}
} catch(SessionException e){
LOGGER.warn(e.getMessage());
}
}
if (null!=currentSession.getAttribute(ShiroProperties.ATTRIBUTE_SESSION_KICKOUT)) {
subject.logout();
String loginedHost = "";
Date loginedTime = null;
if(null != loginedSession){
loginedHost = loginedSession.getHost();
loginedTime = loginedSession.getStartTimestamp();
}
this.authListenerManager.onKeepOneKickout(request, account, loginedHost, loginedTime);
return this.respondRedirect(request, response,this.properties.getKickoutUrl());
}
return true;
}
