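package com.sniper.shiro.security.web.interceptor;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.filter.authc.AuthenticationFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;

/**
 * Form authentication filter that redirects to the configured {@code successUrl}
 * after a successful login, instead of returning the user to the request that was
 * saved before the login page was shown.
 */
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    /**
     * Overrides the parent behaviour so that a successful authentication redirects to
     * the configured success URL whenever one other than the framework default is set.
     *
     * <p>Target selection, in order of precedence:
     * <ol>
     *   <li>the configured success URL, if it is non-empty and differs from
     *       {@link AuthenticationFilter#DEFAULT_SUCCESS_URL};</li>
     *   <li>otherwise the saved request URL, if a saved GET request exists;</li>
     *   <li>otherwise whatever {@code getSuccessUrl()} returns.</li>
     * </ol>
     *
     * <p>The saved request is always fetched and cleared from the session, even when
     * its URL ends up unused.
     *
     * @param token    the token that was just authenticated (not read here)
     * @param subject  the subject that just logged in (not read here)
     * @param request  the current request; cast to {@link HttpServletRequest} to read
     *                 the context path
     * @param response the current response, used to issue the redirect
     * @return always {@code false}; the redirect has already been issued
     * @throws IllegalStateException if no redirect target could be determined
     * @throws Exception             if issuing the redirect fails
     */
    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
            ServletRequest request, ServletResponse response) throws Exception {
        String configuredUrl = this.getSuccessUrl();
        String target = null;
        boolean contextRelative = true;

        SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
        if (savedRequest != null
                && AccessControlFilter.GET_METHOD.equalsIgnoreCase(savedRequest.getMethod())) {
            // NOTE(review): this URL comes from an earlier client request and is used
            // as a redirect target without further validation.
            target = savedRequest.getRequestUrl();
            contextRelative = false;
        }

        if (!StringUtils.isEmpty(configuredUrl)
                && !AuthenticationFilter.DEFAULT_SUCCESS_URL.equals(configuredUrl)) {
            // The target comes from server-side configuration, not from the request.
            target = ((HttpServletRequest) request).getContextPath() + configuredUrl;
            // The context path is already prepended above, so the redirect must not add
            // it a second time. Previously this flag stayed true when no saved request
            // existed, which would yield /ctx/ctx/... under a non-root context.
            contextRelative = false;
        }

        if (target == null) {
            target = configuredUrl;
        }
        if (target == null) {
            throw new IllegalStateException("Success URL not available via saved request or via the "
                    + "successUrlFallback method parameter. One of these must be non-null for "
                    + "issueSuccessRedirect() to work.");
        }

        WebUtils.issueRedirect(request, response, target, null, contextRelative);
        return false;
    }
}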
# Shiro URL filter-chain definitions. Shiro evaluates these top to bottom and
# applies the first pattern that matches, so the catch-all rule must stay last.

# Pages and static assets reachable without authentication.
/login.jsp = anon
/refuse.jsp = anon
/images/** = anon
/js/** = anon

# Handled by the logout filter.
/logout.do = logout

# Default deny: every other path requires an authenticated subject.
# NOTE(review): presumably "authc" is bound to MyFormAuthenticationFilter in the
# filter configuration; that binding is not shown here, so confirm.
/** = authc