shiro登录成功后，没有跳转到Success

debug后跟进去观察后发现FormAuthenticationFilter成功登陆后，会调用它的onLoginSuccess方法。

  protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
                                     ServletRequest request, ServletResponse response) throws Exception {
        issueSuccessRedirect(request, response);
        //we handled the success redirect directly, prevent the chain from continuing:
        return false;
    }



 protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
        WebUtils.redirectToSavedRequest(request, response, getSuccessUrl());
    }

 public static void redirectToSavedRequest(ServletRequest request, ServletResponse response, String fallbackUrl)
            throws IOException {
        String successUrl = null;
        boolean contextRelative = true;
        SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
        if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
            successUrl = savedRequest.getRequestUrl();
            contextRelative = false;
        }

        if (successUrl == null) {
            successUrl = fallbackUrl;
        }

        if (successUrl == null) {
            throw new IllegalStateException("Success URL not available via saved request or via the " +
                    "successUrlFallback method parameter. One of these must be non-null for " +
                    "issueSuccessRedirect() to work.");
        }

        WebUtils.issueRedirect(request, response, successUrl, null, contextRelative);
    }

可以看出如果由之前的页面跳转到登陆页的话，savedRequest保存了原来的地址，这个地址会取代我们设置的successUrl；只有当savedRequest为null的时候，successUrl才会是我们设置的地址。

怎么避免返回原来的页面，按照我们设置的successUrl跳转呢？重写它

  //重写onSSOLoginSuccess，实现追加自定义参数
  protected boolean onSSOLoginSuccess(UsernamePasswordCaptchaToken token, Subject subject, ServletRequest request,
			ServletResponse response, String accessToken) {
		try {

			String b = request.getParameter("hidCurrBrand");
			if (b != null) {
				String sucurl = this.getSuccessUrl();
				if (sucurl.contains("?")) {
					sucurl = sucurl.substring(0, sucurl.indexOf("?"));
				}
				sucurl += "?brand=" + b + "&accessToken=" + accessToken;
				System.out.println("this successUrl:" + sucurl);
				this.setSuccessUrl(sucurl);
			}
			//重写issueSuccessRedirect方法，解决successUrl被覆盖的问题
			issueSuccessRedirect(request, response);
		} catch (Exception e) {
			e.printStackTrace();
		}

		return false;
	}


	//重写issueSuccessRedirect，直接跳转我们设置的SuccessUrl
	@Override
	protected void issueSuccessRedirect(ServletRequest request, ServletResponse response) throws Exception {
		WebUtils.issueRedirect(request, response, this.getSuccessUrl(), null, true);
	}