/** * Determines whether the current subject should be allowed to make the current request. * <p/> * The default implementation returns <code>true</code> if the user is authenticated. Will also return * <code>true</code> if the {@link #isLoginRequest} returns false and the "permissive" flag is set. * * @return <code>true</code> if request should be allowed access */ @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { return super.isAccessAllowed(request, response, mappedValue) || (!isLoginRequest(request, response) && isPermissive(mappedValue)); }
@Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { if(this.isLoginRequest(request, response)) return true; Boolean afterFiltered = (Boolean)(request.getAttribute("jwtShiroFilter.FILTERED")); if( BooleanUtils.isTrue(afterFiltered)) return true; boolean allowed = false; try { allowed = executeLogin(request, response); } catch(IllegalStateException e){ //not found any token log.error("Not found any token"); }catch (Exception e) { log.error("Error occurs when login", e); } return allowed || super.isPermissive(mappedValue); }