Java Code Examples for org.apache.shiro.web.util.WebUtils#isTrue()

The following examples show how to use org.apache.shiro.web.util.WebUtils#isTrue(). The method reads the named request parameter and returns true when its trimmed value is, case-insensitively, one of true, t, 1, enabled, y, yes or on. The parameter is supplied by the client, so the result is a caller preference (remember me, mobile client, login flag) and not evidence of identity or authorization.
Example 1
Source File: FormAuthenticationFilter.java    From frpMgr with MIT License
/**
 * Resolves the login user name for the current request and maintains the
 * "remember user code" cookie.
 *
 * <p>The name is taken from the parent filter's lookup and, when that is blank,
 * from the request attribute named by {@code getUsernameParam()}. If the
 * {@code shiro.loginSubmit.secretKey} property is set, the value is then passed
 * through {@code DesUtils.decode} with that key.
 *
 * <p>NOTE(review): the original comment presents this decoding as the answer to
 * the user name travelling in clear text. A key that the login page must also
 * hold is not secret from whoever controls the browser or the network path, and
 * the helper name suggests DES; treat this as obfuscation and rely on TLS for
 * transport confidentiality.
 *
 * <p>NOTE(review): the original comment says the cookie step happens after a
 * successful login, but nothing in this method checks the authentication
 * result. The cookie is written from a client-supplied value whenever the
 * remember flag is truthy; confirm that is acceptable for the caller.
 *
 * @param request  the incoming request
 * @param response the response the cookie is saved to or removed from
 * @return the resolved (and, if a key is configured, decoded) user name
 */
protected String getUsername(ServletRequest request, ServletResponse response) {
	String loginName = super.getUsername(request);
	if (StringUtils.isBlank(loginName)) {
		// Fall back to a value placed on the request as an attribute.
		Object attributeValue = request.getAttribute(getUsernameParam());
		loginName = ObjectUtils.toString(attributeValue, StringUtils.EMPTY);
	}

	// Decode the submitted name only when a submit key is configured.
	final String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
	if (StringUtils.isNotBlank(secretKey)) {
		loginName = DesUtils.decode(loginName, secretKey);
		if (StringUtils.isBlank(loginName)) {
			// Message text: "login account is empty or failed to decode".
			logger.info("登录账号为空或解码错误.");
		}
	}

	// Keep or drop the remembered user name according to the client's flag.
	final boolean rememberRequested = WebUtils.isTrue(request, DEFAULT_REMEMBER_USERCODE_PARAM);
	if (!rememberRequested) {
		rememberUserCodeCookie.removeFrom((HttpServletRequest) request, (HttpServletResponse) response);
	} else {
		// The value is passed through the project's XSS filter before it is stored.
		rememberUserCodeCookie.setValue(EncodeUtils.xssFilter(loginName));
		rememberUserCodeCookie.saveTo((HttpServletRequest) request, (HttpServletResponse) response);
	}
	return loginName;
}
 
Example 2
Source File: SessionManager.java    From easyweb with Apache License 2.0
/**
 * Returns the session id for this request, preferring a {@code __sid} request
 * parameter over the parent implementation's lookup.
 *
 * <p>Example from the original comment:
 * {@code http://localhost/project?__sid=xxx&__cookie=true}. When
 * {@code __cookie} is truthy the supplied id is also written into the session
 * cookie (the original comment describes this as the browser mode).
 *
 * <p>NOTE(review): the id is accepted from a client-controlled parameter, is
 * marked as valid without any check in this method, and can be copied into the
 * victim's cookie by a crafted link. Unless the session is validated and the id
 * regenerated at login elsewhere, this is a session-fixation path. Ids carried
 * in URLs also end up in access logs, browser history and Referer headers.
 *
 * @param request  the incoming request
 * @param response the response a cookie may be saved to
 * @return the {@code __sid} value when present, otherwise the parent's result
 */
@Override
protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
	final String sid = request.getParameter("__sid");
	if (StringUtils.isBlank(sid)) {
		return super.getSessionId(request, response);
	}

	// Optionally persist the supplied id as the session cookie.
	if (WebUtils.isTrue(request, "__cookie")) {
		HttpServletRequest httpRequest = (HttpServletRequest) request;
		HttpServletResponse httpResponse = (HttpServletResponse) response;
		Cookie sessionCookie = new SimpleCookie(getSessionIdCookie());
		sessionCookie.setValue(sid);
		sessionCookie.saveTo(httpRequest, httpResponse);
	}

	// Record on the request that the session id came from the URL.
	request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,
			ShiroHttpServletRequest.URL_SESSION_ID_SOURCE);
	request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, sid);
	// Set unconditionally: no validation of sid happens before this point.
	request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
	return sid;
}
 
Example 3
Source File: LoginController.java    From frpMgr with MIT License
/**
 * Handles a failed login. The real login POST request is processed by the
 * filter; this handler only rebuilds the login view (or an AJAX payload)
 * from the request parameters and the attributes the filter left behind.
 *
 * <p>NOTE(review): WebUtils.getCleanParam trims the value and maps empty to
 * null; it does not escape it. The user name, the extra parameters and the
 * message are echoed into the model, so the view must escape them on output.
 *
 * @param request  the failed login request
 * @param response the response, used for forwarding and AJAX rendering
 * @param model    receives the values shown again on the login page
 * @return a redirect or view name, the result of renderObject for AJAX
 *         requests, or null after a forward
 */
@RequestMapping(value = "login", method = RequestMethod.POST)
public String loginFailure(HttpServletRequest request, HttpServletResponse response, Model model) {
	LoginInfo loginInfo = UserUtils.getLoginInfo();
	
	// Already logged in: go to the admin index page, keeping the query string
	if(loginInfo != null){
		String queryString = request.getQueryString();
		queryString = queryString == null ? "" : "?" + queryString;
		String indexUrl = adminPath + "/index" + queryString;
		if (ServletUtils.isAjaxRequest(request)){
			try {
				request.getRequestDispatcher(indexUrl).forward(request, response); // AJAX does not support a redirect, so forward instead
			} catch (Exception ex) {
				// A failed forward is only logged; the method still returns null below
				logger.error(ex.getMessage(), ex);
			}
			return null;
		}
		return REDIRECT + indexUrl;
	}
	
	// Read back what the client submitted; all of these are client-controlled
	String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
	boolean rememberMe = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
	boolean rememberUserCode = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_USERCODE_PARAM);
	String params = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_PARAMS_PARAM);
	// Failure details are read from request attributes (presumably set by the filter; verify)
	String exception = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
	String message = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);

	model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_USERCODE_PARAM, rememberUserCode);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_PARAMS_PARAM, params);
	// Copy every extra parameter into the model under the prefixed name
	Map<String, Object> paramMap = ServletUtils.getExtParams(request);
	for (Entry<String, Object> entry : paramMap.entrySet()){
		model.addAttribute(FormAuthenticationFilter.DEFAULT_PARAM_PREFIX_PARAM + entry.getKey(), entry.getValue());
	}
	model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
	
	// If the login request set a language, switch to it
	if (paramMap.get("lang") != null){
		Global.setLang((String)paramMap.get("lang"), request, response);
	}
	
	model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, text(message));

	// Not an authorization exception: the login failed, so the failure count
	// that drives the captcha requirement is incremented (per the original
	// comment; the helper's behaviour is not visible here)
	if (!UnauthorizedException.class.getName().equals(exception)){
		model.addAttribute("isValidCodeLogin", BaseAuthorizingRealm.isValidCodeLogin(username, (String)paramMap.get("deviceType"), "failed"));
	}
	
	// Get the current session object
	// NOTE(review): the session id is put into the model and, on the AJAX path
	// below, handed to renderObject together with the rest of the model. If it
	// reaches the response body it is readable by page script, which an
	// HttpOnly session cookie would otherwise prevent; confirm this is intended.
	Session session = UserUtils.getSession();
	model.addAttribute("sessionid", (String)session.getId());

	// If the login was an AJAX call, return the login information string directly
	if (ServletUtils.isAjaxRequest(request)){
		model.addAttribute("result", Global.FALSE);
		return ServletUtils.renderObject(response, model);
	}
	
	// Return the login page view configured for the given user type
	// (the view name comes from the lookup helper, not directly from the request value)
	String userType = (String)paramMap.get("userType");
	if (StringUtils.isNotBlank(userType)){
		String view = UserUtils.getUserTypeValue(userType, "loginView");
		if(StringUtils.isNotBlank(view)){
			return view;
		}
	}
	
	return "modules/sys/sysLogin";
}
 
Example 4
Source File: FormAuthenticationFilter.java    From frpMgr with MIT License
/**
 * Decides whether the request is a login operation. In addition to the parent
 * filter's rule, a truthy {@code __login} parameter marks the request as a
 * login (the original comment: for GET or CAS logins that pass
 * {@code __login=true}).
 *
 * <p>NOTE(review): the flag is client-controlled, so any request can opt in to
 * login handling. If credentials accompany such a GET they travel in the URL
 * and will appear in access logs and Referer headers; confirm this path is
 * limited to the intended flows.
 *
 * @param request  the incoming request
 * @param response the outgoing response
 * @return true when the parent rule matches or {@code __login} is truthy
 */
@Override
protected boolean isLoginRequest(ServletRequest request, ServletResponse response) {
	final boolean explicitLoginFlag = WebUtils.isTrue(request, "__login");
	final boolean matchesParentRule = super.isLoginRequest(request, response);
	return matchesParentRule || explicitLoginFlag;
}
 
Example 5
Source File: FormAuthenticationFilter.java    From frpMgr with MIT License
/**
 * Decides whether the request is a login submission. In addition to the parent
 * filter's rule, a truthy {@code __login} parameter marks the request as a
 * submission (the original comment: for GET or CAS logins that pass
 * {@code __login=true}).
 *
 * <p>NOTE(review): the flag is client-controlled and widens what counts as a
 * submission beyond the parent rule. Credentials submitted this way on a GET
 * travel in the URL and will appear in access logs and Referer headers;
 * confirm this path is limited to the intended flows.
 *
 * @param request  the incoming request
 * @param response the outgoing response
 * @return true when the parent rule matches or {@code __login} is truthy
 */
@Override
protected boolean isLoginSubmission(ServletRequest request, ServletResponse response) {
	final boolean explicitLoginFlag = WebUtils.isTrue(request, "__login");
	final boolean matchesParentRule = super.isLoginSubmission(request, response);
	return matchesParentRule || explicitLoginFlag;
}
 
Example 6
Source File: FormAuthenticationFilter.java    From easyweb with Apache License 2.0
/**
 * Reports whether the request declares itself a mobile login.
 *
 * <p>The answer comes from a request parameter (named by
 * {@code getMobileLoginParam()}), so it is whatever the client chose to send.
 * Use it to pick a response format, not to relax any check.
 *
 * @param request the incoming request
 * @return true when the mobile-login parameter is truthy
 */
protected boolean isMobileLogin(ServletRequest request) {
    final String mobileFlagName = getMobileLoginParam();
    return WebUtils.isTrue(request, mobileFlagName);
}
 
Example 7
Source File: LoginController.java    From Shop-for-JavaWeb with MIT License
/**
 * Handles a failed login. The real login POST request is processed by the
 * filter; this handler rebuilds the login view, or a JSON string for mobile
 * clients, from the request parameters and the attributes left on the request.
 *
 * <p>NOTE(review): WebUtils.getCleanParam trims the value and maps empty to
 * null; it does not escape it. The user name and message are echoed into the
 * model, so the view must escape them on output.
 *
 * @param request  the failed login request
 * @param response the response, used when rendering the mobile JSON string
 * @param model    receives the values shown again on the login page
 * @return a redirect or view name, or the result of renderString for mobile logins
 */
@RequestMapping(value = "${adminPath}/login", method = RequestMethod.POST)
public String loginFail(HttpServletRequest request, HttpServletResponse response, Model model) {
	// "from" is client-supplied and is only compared with the literal "app"
	String from = request.getParameter("from");
	SystemAuthorizingRealm.Principal principal = UserUtils.getPrincipal();
	
	// Already logged in: redirect to the app user page or the admin index
	if(principal != null){
		if (from != null && from.equals("app"))
			return "redirect:/app/user.html";
		else
			return "redirect:" + adminPath;
	}

	// Read back what the client submitted; these values are client-controlled
	String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
	boolean rememberMe = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
	boolean mobile = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_MOBILE_PARAM);
	// Failure details are read from request attributes (presumably set by the filter; verify)
	String exception = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
	String message = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);
	
	// Fall back to one generic message ("wrong user or password, please retry"),
	// which does not reveal which of the two was wrong
	if (StringUtils.isBlank(message) || StringUtils.equals(message, "null")){
		message = "用户或密码错误, 请重试.";
	}

	model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_MOBILE_PARAM, mobile);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
	model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, message);
	
	// Debug-only trace of the failure; the user name is not part of the log line
	if (logger.isDebugEnabled()){
		logger.debug("login fail, active session size: {}, message: {}, exception: {}", 
				sessionDAO.getActiveSessions(false).size(), message, exception);
	}
	
	// Not an authorization exception: the login failed, so the failure count
	// that drives the captcha requirement is incremented (per the original
	// comment; the helper's behaviour is not visible here)
	if (!UnauthorizedException.class.getName().equals(exception)){
		model.addAttribute("isValidateCodeLogin", isValidateCodeLogin(username, true, false));
	}
	
	// Validation failed: overwrite the stored captcha with a fresh UUID so the
	// previous code cannot be submitted again
	request.getSession().setAttribute(ValidateCodeServlet.VALIDATE_CODE, IdGen.uuid());
	
	// Mobile login: return a JSON string instead of a view
	// (the mobile flag is client-controlled and only selects the response format here)
	if (mobile){
        return renderString(response, model);
	}
	
	if (from != null && from.equals("app"))
		return "modules/app/user/login";
	else
		return "modules/sys/sysLogin";
}
 
Example 8
Source File: FormAuthenticationFilter.java    From Shop-for-JavaWeb with MIT License
/**
 * Reports whether the request declares itself a mobile login.
 *
 * <p>The answer comes from a request parameter (named by
 * {@code getMobileLoginParam()}), so it is whatever the client chose to send.
 * Use it to pick a response format, not to relax any check.
 *
 * @param request the incoming request
 * @return true when the mobile-login parameter is truthy
 */
protected boolean isMobileLogin(ServletRequest request) {
    final String mobileFlagName = getMobileLoginParam();
    return WebUtils.isTrue(request, mobileFlagName);
}
 
Example 9
Source File: FormAuthenticationFilter.java    From tapestry-security with Apache License 2.0
/**
 * Reports whether the client asked to be remembered across sessions.
 *
 * <p>The flag is read from the request parameter named by
 * {@code getRememberMeParam()} and is a client preference only.
 *
 * @param request the incoming request
 * @return true when the remember-me parameter is truthy
 */
protected boolean isRememberMe(ServletRequest request) {
    final String rememberMeFlagName = getRememberMeParam();
    return WebUtils.isTrue(request, rememberMeFlagName);
}
 
Example 10
Source File: FormAuthenticationCaptchaFilter.java    From cms with Apache License 2.0
/**
 * Reports whether the request comes from a mobile client (per the original
 * comment).
 *
 * <p>NOTE(review): the parameter actually read is the one returned by
 * {@code getRememberMeParam()}, so this returns the remember-me flag. That
 * looks like a copy-paste slip; confirm which parameter was intended before
 * relying on this method to distinguish mobile clients.
 *
 * @param request the incoming request
 * @return true when the parameter named by {@code getRememberMeParam()} is truthy
 */
protected boolean isMobile(ServletRequest request) {
    final String flagName = getRememberMeParam();
    return WebUtils.isTrue(request, flagName);
}