java - 关于shiro在spring boot下自动登录的问题?
问题描述
我想实现shiro rememberMe之后,再次访问后自动登录并把一些用户信息再存入session
我现在是按照http://blog.csdn.net/Q_AN1314...这篇文章,写了一个过滤器,但是在过滤器里获取subject时出现错误
org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
这是过滤器
public class AddPrincipalToSessionFilter extends OncePerRequestFilter { @Resource private ManagerService managerService; @Override protected void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {Subject subject = SecurityUtils.getSubject();if (subject.isRemembered()) { String principal = (String) subject.getPrincipal(); Manager manager = managerService.queryManager(principal); //将用户信息存入session ContextHelper.saveLoginUserInfoToSeesion(manager);}filterChain.doFilter(servletRequest, servletResponse); }}
这是shiroFilter
@Bean @Autowired public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();// 必须设置 SecurityManagershiroFilterFactoryBean.setSecurityManager(securityManager);Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();//获取filtersfilters.put('authc', new CustomFormAuthenticationFilter());//验证码过滤器filters.put('addPrincipal', addPrincipalToSessionFilter());//rememberMe存session过滤器//拦截器.Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();//配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了filterChainDefinitionMap.put('/logout', 'logout');filterChainDefinitionMap.put('/favicon.ico', 'anon');filterChainDefinitionMap.put('/js/**', 'anon');filterChainDefinitionMap.put('/css/**', 'anon');filterChainDefinitionMap.put('/img/**', 'anon');filterChainDefinitionMap.put('/fonts/**', 'anon');filterChainDefinitionMap.put('/icons/**', 'anon');filterChainDefinitionMap.put('/error/**', 'anon');filterChainDefinitionMap.put('/validateCode', 'anon');//配置记住我或认证通过可以访问的地址filterChainDefinitionMap.put('/', 'addPrincipal,user');filterChainDefinitionMap.put('/index', 'addPrincipal,user');filterChainDefinitionMap.put('/index.html', 'addPrincipal,user');//<!-- 过滤链定义,从上向下顺序执行,一般将 /**放在最为下边//<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->filterChainDefinitionMap.put('/**', 'authc');shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);// 如果不设置默认会自动寻找Web工程根目录下的'/login.jsp'页面shiroFilterFactoryBean.setLoginUrl('/login.html');// 登录成功后要跳转的链接shiroFilterFactoryBean.setSuccessUrl('/index.html');// 未授权要跳转的链接shiroFilterFactoryBean.setUnauthorizedUrl('/error/403');return shiroFilterFactoryBean; }}
请问一下大家这是怎么回事?或者大家有什么更好的实现方法请指教一下
问题解答
回答1:已解决 1.这个bean的注入一定要在shiroFilter下面
@Beanpublic AddPrincipalToSessionFilter addPrincipalToSessionFilter(){ return new AddPrincipalToSessionFilter();}
2.user要写在addPrincipal前面 filterChainDefinitionMap.put('/', 'user,addPrincipal');
相关文章:
1. angular.js - 指令交互问题,未找到依赖指令2. angular.js - angular.module中模块的名字一定要和ng-app属性的值一样吗3. angular.js - 关于angular的select的问题4. git - hexo怎么创建无模板的静态html?5. 执行composer require mews/captcha报错Your requirements6. javascript - 关于单选框的问题,小白一枚,希望有人帮帮忙7. android listview 每行的金额 求总和8. 新人做网站求帮助9. java - Mybatis映射问题10. 求助一个Android控件名称
网公网安备