搜索

首页  >  问答  >  正文

java - 关于shiro在spring boot下自动登录的问题?

我想实现shiro rememberMe之后,再次访问后自动登录并把一些用户信息再存入session

我现在是按照http://blog.csdn.net/Q_AN1314...这篇文章,写了一个过滤器,但是在过滤器里获取subject时出现错误

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.

这是过滤器

public class AddPrincipalToSessionFilter extends OncePerRequestFilter {
    @Resource
    private ManagerService managerService;

    @Override
    protected void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isRemembered()) {
            String principal = (String) subject.getPrincipal();
            Manager manager = managerService.queryManager(principal);
            //将用户信息存入session
            ContextHelper.saveLoginUserInfoToSeesion(manager);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}

这是shiroFilter

@Bean
    @Autowired
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        // 必须设置 SecurityManager
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        Map<String, Filter> filters = shiroFilterFactoryBean.getFilters();//获取filters
        filters.put("authc", new CustomFormAuthenticationFilter());//验证码过滤器
        filters.put("addPrincipal", addPrincipalToSessionFilter());//rememberMe存session过滤器

        //拦截器.
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        //配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了
        filterChainDefinitionMap.put("/logout", "logout");
        filterChainDefinitionMap.put("/favicon.ico", "anon");
        filterChainDefinitionMap.put("/js/**", "anon");
        filterChainDefinitionMap.put("/css/**", "anon");
        filterChainDefinitionMap.put("/img/**", "anon");
        filterChainDefinitionMap.put("/fonts/**", "anon");
        filterChainDefinitionMap.put("/icons/**", "anon");
        filterChainDefinitionMap.put("/error/**", "anon");
        filterChainDefinitionMap.put("/validateCode", "anon");
        //配置记住我或认证通过可以访问的地址
        filterChainDefinitionMap.put("/", "addPrincipal,user");
        filterChainDefinitionMap.put("/index", "addPrincipal,user");
        filterChainDefinitionMap.put("/index.html", "addPrincipal,user");
        //<!-- 过滤链定义,从上向下顺序执行,一般将 /**放在最为下边
        //<!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->
        filterChainDefinitionMap.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        // 登录成功后要跳转的链接
        shiroFilterFactoryBean.setSuccessUrl("/index.html");
        // 未授权要跳转的链接
        shiroFilterFactoryBean.setUnauthorizedUrl("/error/403");

        return shiroFilterFactoryBean;
    }

}

请问一下大家这是怎么回事?或者大家有什么更好的实现方法请指教一下

巴扎黑巴扎黑2807 天前1333

全部回复(1)我来回复

  • 伊谢尔伦

    伊谢尔伦2017-04-18 10:57:36

    已解决
    1.这个bean的注入一定要在shiroFilter下面

    @Bean
    public AddPrincipalToSessionFilter addPrincipalToSessionFilter(){
        return  new AddPrincipalToSessionFilter();
    }
       

    2.user要写在addPrincipal前面
    filterChainDefinitionMap.put("/", "user,addPrincipal");

    回复
    0
  • 取消回复