开发者社区> 问答> 正文

springboot集成shiro @RequiresPermissions注解无效 :报错

 springboot集成shiro   @RequiresPermissions注解无效,,下面是shiro   配置

/**
	 * 配置安全管理器
	 * 
	 * @author zhengkai
	 */
	@Bean("securityManager")
	public SecurityManager securityManager() {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setRealm(myShiroRealm());
		securityManager.setCacheManager(ehCacheManager());
		return securityManager;
	}

	/**
	 * 配置shiro过滤器
	 * 
	 * @author zhengkai
	 */
	@Bean("shiroFilter")
	public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
		// 1.定义shiroFactoryBean
		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		// 2.设置securityManager
		shiroFilterFactoryBean.setSecurityManager(securityManager);
		// 3.LinkedHashMap是有序的,进行顺序拦截器配置
		Map<String, String> filterChainMap = new LinkedHashMap<String, String>();
		// 4.配置logout过滤器
		filterChainMap.put("/account/logout", "anon");
		// 静态资源不拦截
		filterChainMap.put("/assets/**", "anon");

		filterChainMap.put("/account/login", "anon");
		// 5.所有url必须通过认证才可以访问
		filterChainMap.put("/**", "authc");
		// 6.设置默认登录的url
		shiroFilterFactoryBean.setLoginUrl("/account/index");
		// 7.设置成功之后要跳转的链接
		shiroFilterFactoryBean.setSuccessUrl("/main/index");
		// 8.设置未授权界面
		shiroFilterFactoryBean.setUnauthorizedUrl("/error");

		// 9.设置shiroFilterFactoryBean的FilterChainDefinitionMap
		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);
		return shiroFilterFactoryBean;
	}

	@Bean("myShiroRealm")
	public MyShiroRealm myShiroRealm() {
		MyShiroRealm myShiroRealm = new MyShiroRealm();
		myShiroRealm.setCachingEnabled(true);
		myShiroRealm.setAuthorizationCachingEnabled(true);
		return myShiroRealm;
	}

	@Bean
	@DependsOn({ "lifecycleBeanPostProcessor" })
	public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
		// 设置代理类
		DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
		creator.setProxyTargetClass(true);

		return creator;
	}

	@Bean("authorizationAttributeSourceAdvisor")
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
		AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
		authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
		return authorizationAttributeSourceAdvisor;
	}

	@Bean(name = "lifecycleBeanPostProcessor")
	public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
		return new LifecycleBeanPostProcessor();
	}

	@Bean("ehCacheManager")
	public EhCacheManager ehCacheManager() {
		net.sf.ehcache.CacheManager cacheManager = net.sf.ehcache.CacheManager.getCacheManager("em");
		EhCacheManager em = new EhCacheManager();
		if (ObjectUtils.isEmpty(cacheManager)) {
			em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
			return em;
		} else {
			em.setCacheManager(cacheManager);
			return em;
		}
	}

	@Bean("simpleMappingExceptionResolver")
	public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
		SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
		Properties mappings = new Properties();
		mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/error");
		resolver.setExceptionMappings(mappings);
		return resolver;
	}

 

 

 

展开
收起
kun坤 2020-06-06 18:27:40 1543 0
1 条回答
写回答
取消 提交回答
  • 要使用注解,需要在MyShiroRealm中setPermissions or setRole

    ######回复 @夏碌冬藏 :这个 肯定比配啊,就算是不匹配 那么 也会跳转到 没有权限的界面去。。现在是 注解没生效,不管 匹没匹配 都 能进入这个界面######回复 @我叫程序猿不叫码农 : 那就要看你@RequiresPermissions(??)的内容跟set的内容是否匹配了######这个有定义的######

    问题解决了么 ? 我遇到了和你同样的问题  各种尝试都没有解决  求指点

    ######

    https://my.oschina.net/u/3387320/blog/3010315

    2020-06-06 18:27:49
    赞同 展开评论 打赏
问答排行榜
最热
最新

相关电子书

更多
阿里邮箱—安全高效集成 立即下载
集成智能接入网关APP:优化企业级移动办公网络 立即下载
云效助力企业集成安全到DevOps中 立即下载

相关实验场景

更多