2. 程式人生 > >springboot整合shiro本地執行沒問題,部署到ubutun伺服器報錯org.apache.shiro.UnavailableSecurityManagerException: 求助

springboot整合shiro本地執行沒問題,部署到ubutun伺服器報錯org.apache.shiro.UnavailableSecurityManagerException: 求助

阿新 發佈:2018-12-30

最近學習springboot框架,整合了shiro許可權,本地執行沒毛病,但是蛋疼了,釋出到伺服器,訪問都會報錯:

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627)
at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
at com.example.demo.session.SessionBuild.getLoginUser(SessionBuild.java:99)
at com.example.demo.interceptor.loginInterceptor.preHandle(loginInterceptor.java:26)
at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:136)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:986)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:866)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:728)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:472)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:395)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:316)
at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:395)
at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:254)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:177)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1468)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

2018-06-20 17:05:05.207  WARN 9087 --- [nio-8888-exec-2] .m.m.a.ExceptionHandlerExceptionResolver : Failed to invoke @ExceptionHandler method: public java.lang.Object com.example.demo.exception.GlobalExceptionHandler.RuntimeExceptionHandler(javax.servlet.http.HttpServletRequest,java.lang.RuntimeException)

很是無奈,shiro配置如下:

@Configuration
public class ShiroConfig {
    /**
     * LifecycleBeanPostProcessor,這是個DestructionAwareBeanPostProcessor的子類,
     * 負責org.apache.shiro.util.Initializable型別bean的生命週期的,初始化和銷燬。
     * 主要是AuthorizingRealm類的子類,以及EhCacheManager類。
     */
@Bean(name = "lifecycleBeanPostProcessor")
    public 
 
LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    /**
     * HashedCredentialsMatcher,這個類是為了對密碼進行編碼的,
     * 防止密碼在資料庫裡明碼儲存,當然在登陸認證的時候,
     * 這個類也負責對form裡輸入的密碼進行編碼。
     */
@Bean(name = "hashedCredentialsMatcher")
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName("MD5");
        credentialsMatcher.setHashIterations(2);
        credentialsMatcher.setStoredCredentialsHexEncoded(true);
        return credentialsMatcher;
    }

    /**ShiroRealm,這是個自定義的認證類,繼承自AuthorizingRealm,
     * 負責使用者的認證和許可權的處理,可以參考JdbcRealm的實現。
     */
@Bean(name = "shiroRealm")
    @DependsOn("lifecycleBeanPostProcessor")
    public ShiroRealm shiroRealm() {
        ShiroRealm realm = new ShiroRealm();
//        realm.setCredentialsMatcher(hashedCredentialsMatcher());
return realm;
    }

//    /**
//     * EhCacheManager,快取管理,使用者登陸成功後,把使用者資訊和許可權資訊快取起來,
//     * 然後每次使用者請求時,放入使用者的session中,如果不設定這個bean,每個請求都會查詢一次資料庫。
//     */
//    @Bean(name = "ehCacheManager")
//    @DependsOn("lifecycleBeanPostProcessor")
//    public EhCacheManager ehCacheManager() {
//        return new EhCacheManager();
//    }
    /**
     * SecurityManager,許可權管理,這個類組合了登陸,登出,許可權,session的處理,是個比較重要的類。
     //     */
@Bean(name = "securityManager")
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(shiroRealm());
//        securityManager.setCacheManager(ehCacheManager());
return securityManager;
    }

    /**
     * ShiroFilterFactoryBean,是個factorybean,為了生成ShiroFilter。
     * 它主要保持了三項資料,securityManager,filters,filterChainDefinitionManager。
     */
@Bean(name = "shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager());

        Map<String, Filter> filters = new LinkedHashMap<>();
        LogoutFilter logoutFilter = new LogoutFilter();
        logoutFilter.setRedirectUrl("/login");
//        filters.put("logout",null);
shiroFilterFactoryBean.setFilters(filters);

        Map<String, String> filterChainDefinitionManager = new LinkedHashMap<String, String>();
        filterChainDefinitionManager.put("/logout", "logout");
        filterChainDefinitionManager.put("/user/**", "authc,roles[ROLE_USER]");//使用者為ROLE_USER 角色可以訪問。由使用者角色控制使用者行為。
filterChainDefinitionManager.put("/events/**", "authc,roles[ROLE_ADMIN]");
        //        filterChainDefinitionManager.put("/user/edit/**", "authc,perms[user:edit]");// 這裡為了測試,固定寫死的值,也可以從資料庫或其他配置中讀取,此處是用許可權控制
filterChainDefinitionManager.put("/**", "anon");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionManager);


        shiroFilterFactoryBean.setSuccessUrl("/");
        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
        return shiroFilterFactoryBean;
    }

    /**
     * DefaultAdvisorAutoProxyCreator,Spring的一個bean,由Advisor決定對哪些類的方法進行AOP代理。
     */
@Bean
    @ConditionalOnMissingBean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator defaultAAP = new DefaultAdvisorAutoProxyCreator();
        defaultAAP.setProxyTargetClass(true);
        return defaultAAP;
    }

    /**
     * AuthorizationAttributeSourceAdvisor,shiro裡實現的Advisor類,
     * 內部使用AopAllianceAnnotationsAuthorizingMethodInterceptor來攔截用以下註解的方法。
     */
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
        AuthorizationAttributeSourceAdvisor aASA = new AuthorizationAttributeSourceAdvisor();
        aASA.setSecurityManager(securityManager());
        return aASA;
    }

}
也有自定義攔截器

求大神指點。。。。


相關推薦

springboot整合shiro本地執行問題部署ubutun伺服器org.apache.shiro.UnavailableSecurityManagerException: 求助

最近學習springboot框架,整合了shiro許可權,本地執行沒毛病,但是蛋疼了,釋出到伺服器,訪問都會報錯:org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessib

Shiroorg.apache.shiro.session.UnknownSessionException: There is no session with id

錯誤資訊 5:59:12.430 [http-nio-8080-exec-19] DEBUG o.a.shiro.mgt.DefaultSecurityManager - Resolved SubjectContext context session is invalid. Ignor

shiro org.apache.shiro.UnavailableSecurityManagerException

自己照著教程搭springboot+mybatis+shiro前後端分離的一個框架。碰到了問題,幾天了,很困惑,煩請知道的朋友給點建議org.apache.shiro.UnavailableSecurityManagerException: No SecurityManage

shiroorg.apache.shiro.UnavailableSecurityManagerException

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.s

springboot本地開發通過部署伺服器上失敗無法訪問

自己在本地開發以及測試是沒有問題,但是部署到伺服器上之後訪問失敗,先看一下我的簡單配置吧 pom.xml檔案:工程的打包方式為war 將spring-boot-starter-tomcat的範圍設定為provided, spring-boot-starter-tom

配置MapReduce插件時彈窗org/apache/hadoop/eclipse/preferences/MapReducePreferencePage : Unsupported major.minor version 51.0(Hadoop2.7.3集群部署

ava 不一致 nbsp 1.0 log class dll blog 無效 原因: hadoop-eclipse-plugin-2.7.3.jar 編譯的jdk版本和eclipse啟動使用的jdk版本不一致導致。 解決方案一: 修改myeclipse.ini文件

SpringBoot整合mybatisorg.apache.ibatis.binding.BindingException: Invalid bound statement not found異常

問題記錄 問題是:找不到你專案對映檔案(*.xml) 在application.properties檔案中新增 mybatis.mapper-locations=classpath*:/mapper/**Mapper.xml 如果屬性檔案是.yml的,新增 mybati

解決Revit開發程式執行按ESC退出問題

對特定的異常進行捕獲和報錯  try { var reference = uidoc.Selection.PickObject(ObjectType.Element, "請選擇您要檢視的元素"); } catch (Autodesk.Revit.Exceptions.Opera

eclipse新建springboot專案org.apache.maven.archiver.MavenArchiver.getManifest

專案截圖:eclipse提示:org.apache.maven.archiver.MavenArchiver.getManifest(org.apache.maven.project.MavenProj

使用STS建立springboot專案pom.xml檔案org.apache.maven.archiver.MavenArchiver.getManifest

首先我的STS版本時:3.7.3 解決辦法:->help->Install New Software -> add->location ->輸入: http://repo1.maven.org/maven2/.m2e/connectors/m2eclipse-mave

ThinkPHP在本地做好的專案遷移放到伺服器

       這是一個低階錯誤哈,Warning: include(): Failed opening 'D:\wamp\www\oioi\ThinkPHP\Library/Think/Log.class.php' ……,看到這兒就懂了

maven 專案mybatisorg.apache.ibatis.binding.BindingException: Invalid bound statement (not found):

maven管理的spring專案在打包install啟動後,mybatis報錯org.apache.ibatis.binding.BindingException: Invalid bound statement (not found): … 錯誤描述: 專案使用mybat

eclipse遠端連線hadoop2-5.0執行程式org.apache.hadoop.io.nativeio.NativeIO$Windows

eclipse遠端連線hadoop2-5.0執行程式報錯nativeio: Exception in thread "main" java.lang.UnsatisfiedLinkError: org.apache.hadoop.io.nativeio.NativeIO$W

storm整合kafkaorg.apache.zookeeper.KeeperException$NoNodeException: KeeperErrorCode = NoNode for ...

寫了一個storm整合kfaka的程式,kafkaSpout消費的資料作為storm的資料來源。執行報錯如下: java.lang.RuntimeException: java.lang.RuntimeException: org.apache.zookeeper.Keep

SpringBoot+mybatis 異常org.apache.ibatis.binding.BindingException

之前搭建過Springboot專案沒事,但昨天搭建的一個專案總是報錯而且一直報的是 org.apache.ibatis.binding.BindingException 異常,其他的都能執行,扯了一天,各種辦法都找遍了,就是無法解決。網上對於這一問題的解決方案說來說去就是這幾種 1.包名

Springboot中引入本地jar包並通過maven把專案打成可執行jar包

       最近把以往的老專案用SpringBoot進行了重構,老專案中有部分本地依賴包不是放在maven庫裡的,是本地開發直接引入,需要在mvn package的時候把本地依賴jar也打進可執行包中。 這種通用問題,在網上找了一圈卻沒發現什麼好的解決辦

SpringBoot 整合mybatis 及使用generatorpageHelper外掛

SpringBoot 整合mybatis 及使用generator,pageHelper外掛 一.新建springBoot專案 next next next finish 二.pom檔案配置 <?xml version="1.0" encoding="UTF-8

SpringBoot整合Druid連線池Caused by: java.lang.ClassNotFoundException: org.apache.log4j

github:https://github.com/alibaba/druid SpringBoot版本:1.5.9.RELEASE   預設使用的日誌框架為log4j2 在配置 Druid 資料監控時,進行了如下配置 # 配置監控統計攔截的filters,去掉後

springboot-整合redis:做快取做分散式共享session

springboot-整合redis:做快取,做分散式共享session 文章目錄 springboot-整合redis:做快取,做分散式共享session 1.redis應用場景 2配置 3.測試 完整

MVC本地執行正常釋出之後 0x80131040

mvc在本地已經執行正常了,釋出之後有一頁出現錯誤,之後在server上直接執行,報錯如下: Exception Details: System.IO.FileLoadException: Could not load file or assembly 'System.Web