redis和shiro 登录session用户信息更新不成功解决方法和切面配置实例
贺文彬
1.redis和shiro 登录session用户信息更新不成功解决方法
public class UpdateSessionUserUtil {
public static void setUser(LoginUserInfo loginUserInfo) {
Subject subject = SecurityUtils.getSubject();
PrincipalCollection principals = subject.getPrincipals();
//realName认证信息的key,对应的value就是认证的user对象
if (principals != null) {
String realName = principals.getRealmNames().iterator().next();
//创建一个PrincipalCollection对象,userInfo是更新后的user对象
PrincipalCollection newPrincipalCollection = new SimplePrincipalCollection(loginUserInfo, realName);
//调用subject的runAs方法,把新的PrincipalCollection放到session里面
subject.getSession().setAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY, newPrincipalCollection);
}
}
}
2.切面配置实例
package com.cmb.biz.board.webSocket;
import core.box.shiro.UpdateSessionUserUtil;
import core.box.shiro.model.LoginUserInfo;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.UnknownSessionException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.context.annotation.Configuration;
@Aspect
@Configuration
public class ServiceAspect {
//扫描方式一
private final String ExpGetResultDataPonit = "execution(* com.cmb.biz.board.controller..*.*(..))";
/**
扫描方式二
* @description 切入点
*/
@Pointcut("@within(org.springframework.web.bind.annotation.RestController) @within(org.springframework.stereotype.Controller)")
public void logPointCut() {
}
@AfterReturning(value = "logPointCut()", returning = "keys")
public void doAfterReturningAdvice1(JoinPoint joinPoint, Object keys) {
if (SecurityUtils.getSubject().getSession() != null) {
try {
Object principal = SecurityUtils.getSubject().getPrincipal();
if (principal != null) {
LoginUserInfo loginUserInfo = (LoginUserInfo) principal;
UpdateSessionUserUtil.setUser(loginUserInfo);
}
} catch (UnknownSessionException e) {
System.out.println("退出登录");
}
}
}
}
类似资料: