How to get the HTTP status from the response returned by shiro authentication

Question

Now I am using Shiro integrated with Spring to protect my project. Mainly filter the request according to the roles. Now I meet a problem. For example, after I logged in some time, the session is out and at this time when I click some buttons which send request to the backend, the request is definitely intercepted by shiro due to my session out. That's where the problem exists. Even though Shiro gives a choice you can config some thing like

    <property name="unauthorizedUrl" value="/unauthorized.jsp"/>

to assign the url if the request is unauthorized. I think reponse shiro returned should include the status.Unauthorized or 401 error. What I want to do is dealing with this error in each ajax request. But I don't know check the status in the callback method of ajax. Does anyone can give some advice? Thanks

score 0 · Answer 1 · answered Nov 13 '13 at 22:21

You can add a method like this to your SecurityFilters:

def onNotAuthenticated(subject, filter) {
    def redirectToLoginPage = true
    if (filter.request.xhr) {
        filter.response.sendError 403
        redirectToLoginPage = false
    }
    redirectToLoginPage
}

How to get the HTTP status from the response returned by shiro authentication

1 Answers1