revert: 回退apikeyfilter的代码
This commit is contained in:
parent
abe075ec27
commit
e21ea99dab
|
@ -20,13 +20,10 @@ public class ApiKeyFilter extends AnonymousFilter {
|
||||||
// 不是apikey的通过
|
// 不是apikey的通过
|
||||||
if (!ApiKeyHandler.isApiKeyCall(httpRequest) && !SecurityUtils.getSubject().isAuthenticated()) {
|
if (!ApiKeyHandler.isApiKeyCall(httpRequest) && !SecurityUtils.getSubject().isAuthenticated()) {
|
||||||
// sso 带了token的
|
// sso 带了token的
|
||||||
String token = httpRequest.getHeader(SessionConstants.SSO_TOKEN);
|
|
||||||
if (StringUtils.isNotBlank(token)) {
|
|
||||||
String userId = SSOSessionHandler.validate(httpRequest);
|
String userId = SSOSessionHandler.validate(httpRequest);
|
||||||
if (StringUtils.isNotBlank(userId)) {
|
if (StringUtils.isNotBlank(userId)) {
|
||||||
SecurityUtils.getSubject().login(new UsernamePasswordToken(userId, SSOSessionHandler.random));
|
SecurityUtils.getSubject().login(new UsernamePasswordToken(userId, SSOSessionHandler.random));
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue