用户名的共享内存key设置,不再用cookie

huoyunp 2018-03-13

用户名的共享内存key设置,不再用cookie,key用requestid,shiro requset获取不到就用mvc的request

由于有些请求不在shiro权限范围,shiro实体获取不到,所以request获取不到,但是mvc的requestid一定有,都是一样的,他们只是包装关系

cookie的方式不再用,有时嵌套iframe获取不到,延时等原因

例如

itm/cust/dispatchCustomListQuery.action=authc/anon  没有放入权限控制,所以他调用拿teamId()shiro为空了  对

/itm/zhijianapp/queryDaiZhiJian.action=authc    

set代码:

HttpServletRequest request= (HttpServletRequest) servletRequest;

String jsession = request.getRequestedSessionId();

//((RemoteSessionRequest)((ShiroHttpServletRequest)request).getRequest()).getSession().setAttribute(jsession+"username",userName);

WebSession webSession= WebSessionManager.getInstance().getSession(jsession+"username");

if(webSession==null){

webSession=WebSessionManager.getInstance().createSession(jsession+"username");

}else{

webSession=WebSessionManager.getInstance().getSession(jsession+"username");

}

webSession.setAttribute(jsession+"username", userName);

get代码:

  HttpServletRequest request1 =(HttpServletRequest) ((WebSubject)SecurityUtils.getSubject()).getServletRequest();//由于这个方法有比较乱的调用,导致shiro有时为空

  此时requestid即jsessionid找不到,直接用action的request获取即可

//    ShiroHttpServletRequest srequest=(ShiroHttpServletRequest) ((StrutsRequestWrapper) ServletActionContext.getRequest()).getRequest();

    HttpServletRequest srequest=(HttpServletRequest)ServletActionContext.getRequest();

    String jsession=srequest.getRequestedSessionId();

    System.out.print("===========getTeamId  jsession");

    System.out.print("===========getTeamId  jsession========="+jsession);

//cookie的方式不再用,有时嵌套iframe获取不到,延时等原因

     Cookie[] cookies = request1.getCookies();

    String username=getCookieValue(cookies, "username");

 WebSession webSession= WebSessionManager.getInstance().getSession(jsession+"username");

    if(webSession==null){

      webSession=WebSessionManager.getInstance().createSession(jsession+"username");

    }else{

      webSession=WebSessionManager.getInstance().getSession(jsession+"username");

    }

    username =webSession.getAttribute(jsession+"username")+"";

相关推荐