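springboot+shiro+ajax: "No message available" is returned when the role lacks permission
The demo uses springboot+shiro for permission management and uses ajax with json for data exchange. In ShiroConfig, role configuration is added on the resources: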
@Configuration
public class ShiroConfig {
    @Bean
    public CustomRealm getCustomRealm() {
        return new CustomRealm();
    }

    @Bean
    public DefaultWebSecurityManager getSecurityManager() {
        DefaultWebSecurityManager sm = new DefaultWebSecurityManager();
        sm.setRealm(getCustomRealm());
        return sm;
    }

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(
            DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shirofilterfactorybean = new ShiroFilterFactoryBean();
        shirofilterfactorybean.setSecurityManager(securityManager);
        shirofilterfactorybean.setLoginUrl("/index.html");
        shirofilterfactorybean.setSuccessUrl("/home");
        // shirofilterfactorybean.setUnauthorizedUrl("/error");
        // configure the resources from the database
        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/emp/**", "authc,roles[test]");
        filterChainDefinitionMap.put("/home", "authc");
        filterChainDefinitionMap.put("/logout", "logout");
        shirofilterfactorybean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        // override the default shiro filter
        Map<String, Filter> filters = new LinkedHashMap<>();
        filters.put("authc", new SessionFilter());
        shirofilterfactorybean.setFilters(filters);
        return shirofilterfactorybean;
    }
}
User: admin, corresponding role name: admin. After logging in as user admin, the content received by the ajax error method is:
Whitelabel Error Page
=====================
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Mon May 25 16:50:38 CST 2020
There was an unexpected error (type=Unauthorized, status=401).
No message available
A global exception handler was actually set up, but while debugging I found that this code is never reached:
// message: "Please check the account or password"
@ExceptionHandler({UnknownAccountException.class})
@ResponseBody
public ResultBean<String> unknownAccountHandler(HttpServletRequest request, Exception exception) throws Exception {
    return ResultBean.error(500, "请检查账号或密码");
}

// message: "The account is locked, please contact the administrator"
@ExceptionHandler({LockedAccountException.class})
@ResponseBody
public ResultBean<String> lockedAccountExceptionHandler(HttpServletRequest request, Exception exception) throws Exception {
    return ResultBean.error(500, "账号被锁定,请联系管理员");
}

// message: "You do not have sufficient permissions"
@ExceptionHandler({UnauthorizedException.class, AuthorizationException.class, ShiroException.class})
@ResponseBody
public ResultBean<String> unauthorizedHandler(HttpServletRequest request, Exception exception) throws Exception {
    return ResultBean.error(500, "您的权限不足");
}

// message: "Not authorized"
@ExceptionHandler({UnauthenticatedException.class})
@ResponseBody
public ResultBean<String> unauthenticatedHandler(HttpServletRequest request, Exception exception) throws Exception {
    return ResultBean.error(500, "未授权");
}
The page's ajax code:
$.ajax({
    type: "GET",
    url: "./emp/search",
    data: param,
    dataType: "json",
    contentType: "application/json;charset=utf-8",
    success: function (result) {
        layui.use(['laypage', 'layer'], function () {
            let laypage = layui.laypage
            let data = result.data
            // total pages exceeds the number of page buttons
            laypage.render({
                elem: 'demo1',
                pages: data.pages, // total pages obtained from the backend
                count: data.total, // total number of records
                curr: data.pageNum, // initial current page
                limit: data.pageSize,
                jump: function (obj, first) {
                    if (!first) {
                        getData(obj.curr)
                    }
                }
            })
            displayDataList(data.list)
        })
    },
    error: function (xhr) {
        let obj = JSON.parse(xhr.responseText)
        layer.msg(obj.message)
    }
})
Please advise how this should be handled.
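
An added example, not part of the original post: `roles[test]` is enforced inside Shiro's servlet filter before the request reaches Spring MVC, so a failed role check is answered by the filter itself (the 401 above) and never reaches an `@ExceptionHandler`. The filter below overrides that denial path to return JSON with a `message` field like the one the page's ajax `error` callback reads; the class name `JsonRolesFilter`, the message strings and the `javax.servlet` namespace (Shiro 1.x) are assumptions.

```java
// Added example: hypothetical class; assumes Shiro 1.x on javax.servlet.
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;
import org.apache.shiro.web.util.WebUtils;

public class JsonRolesFilter extends RolesAuthorizationFilter {

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
            throws IOException {
        HttpServletRequest req = WebUtils.toHttp(request);
        // jQuery sets this header on same-origin $.ajax calls.
        boolean ajax = "XMLHttpRequest".equals(req.getHeader("X-Requested-With"));
        if (!ajax) {
            // Normal navigation: keep Shiro's default redirect / sendError behaviour.
            return super.onAccessDenied(request, response);
        }

        Subject subject = getSubject(request, response);
        boolean anonymous = subject.getPrincipal() == null;

        HttpServletResponse resp = WebUtils.toHttp(response);
        // 401 = nobody is logged in; 403 = logged in but the role is missing.
        resp.setStatus(anonymous ? HttpServletResponse.SC_UNAUTHORIZED
                                 : HttpServletResponse.SC_FORBIDDEN);
        resp.setContentType("application/json;charset=UTF-8");
        // Fixed strings only: nothing from the request is echoed back.
        resp.getWriter().write(anonymous
                ? "{\"message\":\"login required\"}"
                : "{\"message\":\"insufficient role\"}");
        return false; // stop the chain; the controller is never invoked
    }
}

// Registration inside getShiroFilterFactoryBean(), next to the existing "authc" entry:
//   filters.put("roles", new JsonRolesFilter());
```

Create the filter with `new`, as the page already does for `SessionFilter`; declaring it as a `@Bean` would make Spring Boot also register it as an ordinary servlet filter on every request.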