shiro @RequiresPermissions注解无效403.10 禁止访问：配置无效 

 springboot集成shiro   @RequiresPermissions注解无效，，下面是shiro   配置

/** * 配置安全管理器 * * @author zhengkai */ @Bean("securityManager") public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(myShiroRealm()); securityManager.setCacheManager(ehCacheManager()); return securityManager; }

/**
 * 配置shiro过滤器
 * 
 * @author zhengkai
 */
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
	// 1.定义shiroFactoryBean
	ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
	// 2.设置securityManager
	shiroFilterFactoryBean.setSecurityManager(securityManager);
	// 3.LinkedHashMap是有序的，进行顺序拦截器配置
	Map<String, String> filterChainMap = new LinkedHashMap<String, String>();
	// 4.配置logout过滤器
	filterChainMap.put("/account/logout", "anon");
	// 静态资源不拦截
	filterChainMap.put("/assets/**", "anon");

	filterChainMap.put("/account/login", "anon");
	// 5.所有url必须通过认证才可以访问
	filterChainMap.put("/**", "authc");
	// 6.设置默认登录的url
	shiroFilterFactoryBean.setLoginUrl("/account/index");
	// 7.设置成功之后要跳转的链接
	shiroFilterFactoryBean.setSuccessUrl("/main/index");
	// 8.设置未授权界面
	shiroFilterFactoryBean.setUnauthorizedUrl("/error");

	// 9.设置shiroFilterFactoryBean的FilterChainDefinitionMap
	shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);
	return shiroFilterFactoryBean;
}

@Bean("myShiroRealm")
public MyShiroRealm myShiroRealm() {
	MyShiroRealm myShiroRealm = new MyShiroRealm();
	myShiroRealm.setCachingEnabled(true);
	myShiroRealm.setAuthorizationCachingEnabled(true);
	return myShiroRealm;
}

@Bean
@DependsOn({ "lifecycleBeanPostProcessor" })
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
	// 设置代理类
	DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
	creator.setProxyTargetClass(true);

	return creator;
}

@Bean("authorizationAttributeSourceAdvisor")
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
	AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
	authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
	return authorizationAttributeSourceAdvisor;
}

@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
	return new LifecycleBeanPostProcessor();
}

@Bean("ehCacheManager")
public EhCacheManager ehCacheManager() {
	net.sf.ehcache.CacheManager cacheManager = net.sf.ehcache.CacheManager.getCacheManager("em");
	EhCacheManager em = new EhCacheManager();
	if (ObjectUtils.isEmpty(cacheManager)) {
		em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
		return em;
	} else {
		em.setCacheManager(cacheManager);
		return em;
	}
}

@Bean("simpleMappingExceptionResolver")
public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
	SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
	Properties mappings = new Properties();
	mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/error");
	resolver.setExceptionMappings(mappings);
	return resolver;
}