Spring 零配置
@Configuration public class SecurityConfig { //此处省略部分代码,与xml配置相同,下面贴出出问题的主要代码 @Bean public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() { return new LifecycleBeanPostProcessor(); }
@Bean @DependsOn(value = "lifecycleBeanPostProcessor") public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() { DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator(); creator.setProxyTargetClass(true); // it's false by default return creator; } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() { AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor(); authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager()); return authorizationAttributeSourceAdvisor; } }
authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager());
在shiro认证用户时就会报错
public class AuthenticationRealm extends AuthorizingRealm { private static final Logger logger = Logger.getLogger(AuthenticationRealm.class); @Inject private CaptchaService captchaService; @Inject private UserService userService; @Inject private PermissionService permissionService; /** * 获取认证信息 * * @param token 令牌 * @return 认证信息 */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) { UsernamePasswordCaptchaToken usernamePasswordCaptchaToken = (UsernamePasswordCaptchaToken) token; // 获取登录信息 String username = usernamePasswordCaptchaToken.getUsername(); String password = new String(usernamePasswordCaptchaToken.getPassword()); String captcha = usernamePasswordCaptchaToken.getCaptcha(); String ip = usernamePasswordCaptchaToken.getHost(); HttpSession session = usernamePasswordCaptchaToken.getSession(); User user = userService.getUser(username); // 启用管理员登录验证码时,验证验证码 if (!captchaService.verify(CaptchaType.adminLogin, captcha, session)) { // 异常:无效令牌 throw new UnsupportedTokenException(); } if (user != null /*&& doCaptchaValidate(token)*/) { byte[] salt = EncodeUtils.decodeHex(user.getSalt()); ShiroUser shiroUser = new ShiroUser(user.getId(), user.getLoginName(), user.getName()); session.setAttribute("user", user); return new SimpleAuthenticationInfo(shiroUser, user.getPassword(), ByteSource.Util.bytes(salt), getName()); } else { // 异常:账户不存在 throw new UnknownAccountException(); } } }
会报错,提示:Could not obtain transaction-synchronized Session for current thread
<imgsrc="http://www.oschina.net/js/ke/plugins/emoticons/images/7.gif"alt="">搞了半天还是没大神来。。。。还好自己解决了<imgsrc="http://www.oschina.net/js/ke/plugins/emoticons/images/13.gif"alt="">报什么错也没给出来,表示很茫然啊
回复<aclass='referer'target='_blank'>@土豆不会飞:您是怎么解决的呢?我也遇见这个问题了。就是报Couldnotobtaintransaction-synchronizedSessionforcurrentthread;估计有可能是多次代理造成的
配置了DefaultAdvisorAutoProxyCreator,结果在鉴权的时候会调用鉴权方法两次
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。