请问各位,为什么执行了subject.logout()等方法后ShiroUtils.getSysUser() 缓存依然清除失败?
-----user----:SysUser [userId=ad8f648becae47bc, deptId=04, loginName=www, userName=www, email=null, phonenumber=, sex=0, avatar=, password=e7195e720e3dc3996a490e6abca6f66a, salt=db17f1, status=1, delFlag=null, loginIp=, loginDate=null, pwdUpdateDate=null, isAdmin=0, createBy=超级管理员, createTime=Tue Jan 25 20:11:40 CST 2022, updateBy=null, updateTime=null, remark=]
------重新开始清理指定用户缓存
------结束清理指定用户缓存
------重新开始清理指定用户认证缓存
------结束清理指定用户认证缓存
09:51:32.794 [http-nio-9999-exec-5] INFO o.a.s.c.e.EhCacheManager - [getCache,169] - Using existing EHCache named [sys-userCache]
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@4ca7b8ab] was not registered for synchronization because synchronization is not active
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@6b254ab4] will not be managed by Spring
==> Preparing: select sessionId, login_name, dept_name, ipaddr, login_location, browser, os, status, start_timestamp, last_access_time, expire_time from sys_user_online where sessionId = ?
09:51:32.805 [schedule-pool-1] INFO sys-user - [run,115] - [127.0.0.1]内网IP[www][Logout][退出成功]
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@1eeaa181] was not registered for synchronization because synchronization is not active
==> Parameters: 5a1254dc-2eef-42c4-b0c9-659d2c92bd0a(String)
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@3e9128fe] will not be managed by Spring
<== Columns: sessionId, login_name, dept_name, ipaddr, login_location, browser, os, status, start_timestamp, last_access_time, expire_time
==> Preparing: SELECT u.user_id, u.dept_id, ( SELECT d.dname FROM sys_dept d WHERE d.deptno = u.dept_id ) dname, u.login_name, u.user_name, u.phonenumber, u.sex, u.avatar, u.PASSWORD, u.salt, u.STATUS, u.login_ip, u.login_date, u.is_admin, u.remark, u.create_by, u.create_time, group_concat(ro.role_name) role FROM sys_user u LEFT JOIN sys_user_role rs on rs.userid=u.user_id LEFT JOIN sys_role ro on ro.roleid=rs.roleid where u.login_name = ? GROUP BY u.user_id order BY u.dept_id,u.user_name
<== Row: 5a1254dc-2eef-42c4-b0c9-659d2c92bd0a, www, null, 127.0.0.1, 内网IP, Chrome 9, Windows 10, on_line, 2022-04-01 09:51:23, 2022-04-01 09:51:23, 1800000
==> Parameters: www(String)
<== Total: 1
Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@4ca7b8ab]
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@7046e469] was not registered for synchronization because synchronization is not active
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@6b254ab4] will not be managed by Spring
<== Columns: user_id, dept_id, dname, login_name, user_name, phonenumber, sex, avatar, PASSWORD, salt, STATUS, login_ip, login_date, is_admin, remark, create_by, create_time, role
<== Row: ad8f648becae47bc, 04, xxxxx, www, www, , 0, , e7195e720e3dc3996a490e6abca6f66a, db17f1, 1, , null, 0, , 超级管理员, 2022-01-25 20:11:40, <<BLOB>>
<== Total: 1
Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@1eeaa181]
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@43ea7cfd] was not registered for synchronization because synchronization is not active
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@3e9128fe] will not be managed by Spring
==> Preparing: insert into sys_logininfor (login_name, status, ipaddr, login_location, browser, os, msg, login_time,userid) values (?, ?, ?, ?, ?, ?, ?, sysdate(),?)
==> Preparing: delete from sys_user_online where sessionId = ?
==> Parameters: www(String), 0(String), 127.0.0.1(String), 内网IP(String), Chrome 9(String), Windows 10(String), 退出成功(String), ad8f648becae47bc(String)
==> Parameters: 5a1254dc-2eef-42c4-b0c9-659d2c92bd0a(String)
<== Updates: 1
Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@43ea7cfd]
<== Updates: 1
Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@7046e469]
-----user----:SysUser [userId=ad8f648becae47bc, deptId=04, loginName=www, userName=www, email=null, phonenumber=, sex=0, avatar=, password=e7195e720e3dc3996a490e6abca6f66a, salt=db17f1, status=1, delFlag=null, loginIp=, loginDate=null, pwdUpdateDate=null, isAdmin=0, createBy=超级管理员, createTime=Tue Jan 25 20:11:40 CST 2022, updateBy=null, updateTime=null, remark=]
================================================================================
: Request time : 2022-04-01 09:51:32
: HTTP Method : GET
: Path : /login
: Controller : com.ccit.cxc.controller.system.SysLoginController (SysLoginController.java:36)
: Parameter :
================================================================================
================================================================================
: Request time : 2022-04-01 09:51:33
: HTTP Method : GET
: Path : /getCaptcha
: Controller : com.ccit.cxc.controller.system.SysLoginController (SysLoginController.java:109)
: Parameter : _t=Fri Apr 01 2022 09:51:33 GMT 0800 (中国标准时间)
================================================================================
###### LogoutFilter 方法
```java
public class LogoutFilter extends org.apache.shiro.web.filter.authc.LogoutFilter{
private static final Logger log = LoggerFactory.getLogger(LogoutFilter.class);
/**
* 退出后重定向的地址
*/
private String loginUrl;
public String getLoginUrl()
{
return loginUrl;
}
public void setLoginUrl(String loginUrl)
{
this.loginUrl = loginUrl;
}
@Override
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception
{
try
{
Subject subject = getSubject(request, response);
String redirectUrl = getRedirectUrl(request, response, subject);
SysUser user = ShiroUtils.getSysUser();
System.out.println("-----user----:"+user);
try
{
if (StringUtils.isNotNull(user)) {
// 清除授权缓存
UserRealm.clearCachedAuthorizationInfo(user);
// 清除认证缓存
UserRealm.clearCachedAuthenticationInfo(user.getLoginName());
}
if (StringUtils.isNotNull(user))
{
String loginName = user.getLoginName();
// 记录用户退出日志
AsyncManager.me().execute(AsyncFactory.recordLogininfor(loginName, Constants.LOGOUT, MessageUtils.message("user.logout.success")));
// 清理缓存
SpringUtils.getBean(SysUserOnlineService.class).removeUserCache(loginName, ShiroUtils.getSessionId());
}
// 退出登录
subject.logout();
}
catch (SessionException ise)
{
log.error("logout fail.", ise);
}
issueRedirect(request, response, redirectUrl);
System.out.println("-----user----:"+user);
}
catch (Exception e)
{
log.error("Encountered session exception during logout. This can generally safely be ignored.", e);
}
return false;
}
/**
* 退出跳转URL
*/
@Override
protected String getRedirectUrl(ServletRequest request, ServletResponse response, Subject subject)
{
String url = getLoginUrl();
if (StringUtils.isNotEmpty(url))
{
return url;
}
return super.getRedirectUrl(request, response, subject);
}
}
Subject subject = getSubject(request, response); 改为 Subject subject = SecurityUtils.getSubject();
ShiroUtils不会是你自己写的吧,执行退出后会清理session,此时的Subject.isAuthenticated也是false