springboot集成shiro @RequiresPermissions注解无效,,下面是shiro 配置
/**
* 配置安全管理器
*
* @author zhengkai
*/
@Bean("securityManager")
public SecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myShiroRealm());
securityManager.setCacheManager(ehCacheManager());
return securityManager;
}
/**
* 配置shiro过滤器
*
* @author zhengkai
*/
@Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
// 1.定义shiroFactoryBean
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 2.设置securityManager
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 3.LinkedHashMap是有序的,进行顺序拦截器配置
Map<String, String> filterChainMap = new LinkedHashMap<String, String>();
// 4.配置logout过滤器
filterChainMap.put("/account/logout", "anon");
// 静态资源不拦截
filterChainMap.put("/assets/**", "anon");
filterChainMap.put("/account/login", "anon");
// 5.所有url必须通过认证才可以访问
filterChainMap.put("/**", "authc");
// 6.设置默认登录的url
shiroFilterFactoryBean.setLoginUrl("/account/index");
// 7.设置成功之后要跳转的链接
shiroFilterFactoryBean.setSuccessUrl("/main/index");
// 8.设置未授权界面
shiroFilterFactoryBean.setUnauthorizedUrl("/error");
// 9.设置shiroFilterFactoryBean的FilterChainDefinitionMap
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);
return shiroFilterFactoryBean;
}
@Bean("myShiroRealm")
public MyShiroRealm myShiroRealm() {
MyShiroRealm myShiroRealm = new MyShiroRealm();
myShiroRealm.setCachingEnabled(true);
myShiroRealm.setAuthorizationCachingEnabled(true);
return myShiroRealm;
}
@Bean
@DependsOn({ "lifecycleBeanPostProcessor" })
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
// 设置代理类
DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
creator.setProxyTargetClass(true);
return creator;
}
@Bean("authorizationAttributeSourceAdvisor")
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean("ehCacheManager")
public EhCacheManager ehCacheManager() {
net.sf.ehcache.CacheManager cacheManager = net.sf.ehcache.CacheManager.getCacheManager("em");
EhCacheManager em = new EhCacheManager();
if (ObjectUtils.isEmpty(cacheManager)) {
em.setCacheManagerConfigFile("classpath:ehcache-shiro.xml");
return em;
} else {
em.setCacheManager(cacheManager);
return em;
}
}
@Bean("simpleMappingExceptionResolver")
public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
Properties mappings = new Properties();
mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/error");
resolver.setExceptionMappings(mappings);
return resolver;
}
要使用注解,需要在MyShiroRealm中setPermissions or setRole
######回复 @夏碌冬藏 :这个 肯定比配啊,就算是不匹配 那么 也会跳转到 没有权限的界面去。。现在是 注解没生效,不管 匹没匹配 都 能进入这个界面######回复 @我叫程序猿不叫码农 : 那就要看你@RequiresPermissions(??)的内容跟set的内容是否匹配了######这个有定义的######问题解决了么 ? 我遇到了和你同样的问题 各种尝试都没有解决 求指点
######https://my.oschina.net/u/3387320/blog/3010315
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。