java - 關(guān)于shiro在spring boot下自動(dòng)登錄的問題?
問題描述
我想實(shí)現(xiàn)shiro rememberMe之后,再次訪問后自動(dòng)登錄并把一些用戶信息再存入session
我現(xiàn)在是按照http://blog.csdn.net/Q_AN1314...這篇文章,寫了一個(gè)過濾器,但是在過濾器里獲取subject時(shí)出現(xiàn)錯(cuò)誤
org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
這是過濾器
public class AddPrincipalToSessionFilter extends OncePerRequestFilter { @Resource private ManagerService managerService; @Override protected void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {Subject subject = SecurityUtils.getSubject();if (subject.isRemembered()) { String principal = (String) subject.getPrincipal(); Manager manager = managerService.queryManager(principal); //將用戶信息存入session ContextHelper.saveLoginUserInfoToSeesion(manager);}filterChain.doFilter(servletRequest, servletResponse); }}
這是shiroFilter
@Bean @Autowired public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();// 必須設(shè)置 SecurityManagershiroFilterFactoryBean.setSecurityManager(securityManager);Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();//獲取filtersfilters.put('authc', new CustomFormAuthenticationFilter());//驗(yàn)證碼過濾器filters.put('addPrincipal', addPrincipalToSessionFilter());//rememberMe存session過濾器//攔截器.Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();//配置退出過濾器,其中的具體的退出代碼Shiro已經(jīng)替我們實(shí)現(xiàn)了filterChainDefinitionMap.put('/logout', 'logout');filterChainDefinitionMap.put('/favicon.ico', 'anon');filterChainDefinitionMap.put('/js/**', 'anon');filterChainDefinitionMap.put('/css/**', 'anon');filterChainDefinitionMap.put('/img/**', 'anon');filterChainDefinitionMap.put('/fonts/**', 'anon');filterChainDefinitionMap.put('/icons/**', 'anon');filterChainDefinitionMap.put('/error/**', 'anon');filterChainDefinitionMap.put('/validateCode', 'anon');//配置記住我或認(rèn)證通過可以訪問的地址filterChainDefinitionMap.put('/', 'addPrincipal,user');filterChainDefinitionMap.put('/index', 'addPrincipal,user');filterChainDefinitionMap.put('/index.html', 'addPrincipal,user');//<!-- 過濾鏈定義,從上向下順序執(zhí)行,一般將 /**放在最為下邊//<!-- authc:所有url都必須認(rèn)證通過才可以訪問; anon:所有url都都可以匿名訪問-->filterChainDefinitionMap.put('/**', 'authc');shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);// 如果不設(shè)置默認(rèn)會(huì)自動(dòng)尋找Web工程根目錄下的'/login.jsp'頁(yè)面shiroFilterFactoryBean.setLoginUrl('/login.html');// 登錄成功后要跳轉(zhuǎn)的鏈接shiroFilterFactoryBean.setSuccessUrl('/index.html');// 未授權(quán)要跳轉(zhuǎn)的鏈接shiroFilterFactoryBean.setUnauthorizedUrl('/error/403');return shiroFilterFactoryBean; }}
請(qǐng)問一下大家這是怎么回事?或者大家有什么更好的實(shí)現(xiàn)方法請(qǐng)指教一下
問題解答
回答1:已解決 1.這個(gè)bean的注入一定要在shiroFilter下面
@Beanpublic AddPrincipalToSessionFilter addPrincipalToSessionFilter(){ return new AddPrincipalToSessionFilter();}
2.user要寫在addPrincipal前面 filterChainDefinitionMap.put('/', 'user,addPrincipal');
相關(guān)文章:
1. [前端求職必看]前端開發(fā)面試題與答案精選_擴(kuò)展問題2. javascript - 在top.jsp點(diǎn)擊退出按鈕后,right.jsp進(jìn)行頁(yè)面跳轉(zhuǎn),跳轉(zhuǎn)到login.jsp3. javascript - 下面的這段算法代碼求解釋4. mac連接阿里云docker集群,已經(jīng)卡了2天了,求問?5. css3 - 在sublime text里, 如何讓emmet生成的帶前綴css屬性垂直對(duì)齊?6. javascript - js 有什么優(yōu)雅的辦法實(shí)現(xiàn)在同時(shí)打開的兩個(gè)標(biāo)簽頁(yè)間相互通信?7. java - spring-data Jpa 不需要執(zhí)行save 語(yǔ)句,Set字段就可以自動(dòng)執(zhí)行保存的方法?求解8. android - 哪位大神知道java后臺(tái)的api接口的對(duì)象傳到前端后輸入日期報(bào)錯(cuò),是什么情況?求大神指點(diǎn)9. javascript - angular中如何創(chuàng)建一個(gè)能被不同模塊中組件都能訪問其屬性和方法的對(duì)象10. 想找個(gè)php大神仿個(gè)網(wǎng)站。
網(wǎng)公網(wǎng)安備