10,607
社区成员
发帖
与我相关
我的任务
分享spring+shiro调用SecurityUtils.getSubject()方法报错
部分web.xml配置文件:
spring配置shiro文件:
controller:
shiroDbRealm:
报错内容:
No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
来个大神帮帮忙
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:config/Springmvc-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- 设置springmvc不对css、js进行拦截 -->
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.css</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.gif</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.jpg</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.png</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>*.js</url-pattern>
</servlet-mapping>
<!-- Shiro filter -->
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>.jsp</url-pattern>
</filter-mapping>spring配置shiro文件:
<!-- 注解式事务 -->
<tx:annotation-driven transaction-manager="transactionManager" />
<!-- Shiro Filter -->
<bean id="shiroFilter"
class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/" />
<property name="successUrl" value="/system/main" />
<property name="unauthorizedUrl" value="/system/error" />
<property name="filterChainDefinitions">
<value>
<!-- anon:匿名访问 authc:通过认证才可访问 -->
/login/login = anon
/login/validateCode = anon
/** = authc
</value>
</property>
</bean>
<bean id="securityManager"
class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="shiroDbRealm" />
</bean>
<!-- 項目自定义的Realm -->
<bean id="shiroDbRealm" class="com.ninemax.utils.realm.ShiroDbRealm" ></bean>controller:
@RequestMapping("/login2")
public String login(Login currUser,HttpSession session,HttpServletRequest req){
String sessionCode=(String) session.getAttribute("validateCode");
String formCode=WebUtils.getCleanParam(req, "validateCode");
if(StringUtils.isEmpty(formCode)||!StringUtils.equals(sessionCode, formCode)){
return "redirect:/";
}
//得到主体 1.
Subject user=SecurityUtils.getSubject();
//获取用户凭证信息
UsernamePasswordToken token=new UsernamePasswordToken(currUser.getManagerPassword(), currUser.getManagerPassword());
//"已记住"和"已认证"是有区别的,并非是认证通过的用户
token.setRememberMe(true);
try{
//提交凭证信息(token:数据库,user:传过来的值)
user.login(token);
// 跳转到用户方法
return "redirect:/user/index";
}catch(Exception e){
return "login/login";
}
}shiroDbRealm:
package com.ninemax.utils.realm;
import javax.annotation.Resource;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import com.ninemax.login.model.Login;
import com.ninemax.login.service.LoginService;
public class ShiroDbRealm extends AuthorizingRealm{
@Resource
private LoginService loginService;
/**
* 授权回调函数(将用户的角色和权限添加到认证器中).
*
* @param principals 身份认证(唯一)
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//认证器
SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
//获取当前登录的用户名
String account=(String)super.getAvailablePrincipal(principals);
Login user=loginService.queryUser(account);
if(user==null){
return null;
}
return info;
}
/**
* 认证回调函数,登录时调用.
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(
AuthenticationToken authcToken) throws AuthenticationException {
//转换成用户认证
UsernamePasswordToken token=(UsernamePasswordToken)authcToken;
//通过用户部分信息获取用户
Login user=loginService.queryUser(token.getUsername());
if(user!=null){
return new SimpleAuthenticationInfo(user.getManagerName(),user.getManagerPassword(),user.getManagerName());
}
return null;
}
}
报错内容:
No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
来个大神帮帮忙
...全文
请发表友善的回复…
发表回复
Usher丶AckMan 2016-05-12
- 打赏
- 举报
找了好久都没找到什么问题
