日期:2014-05-16  浏览次数:20708 次

Apache Shiro 1

1:

?

请求与 loginUrl?

?

2:

?

http请求为post请求

?

3:

?

使用 authc 进行拦截

?

以上三个条件满足,则可触发 登录验证(包含:username, password, rememberMe三个请求参数)

?

?

4:

?

原文:

?

This filter constructs a UsernamePasswordToken with the values found in username, password, and rememberMe request parameters. It then calls Subject.login(usernamePasswordToken), effectively automatically performing a login attempt. Note that the login attempt will only occur when the isLoginSubmission(request,response) is true, which by default occurs when the request is for the loginUrl and is a POST request.

?

5:

?

?/login/logout.htm = logout

?