JFinal集成Shiro时Realm不能被调用
按照玛雅牛写的JFinal集成Shiro的例子配了下,发现自己写的继承自AuthorizingRealm的ShiroDbRealm类始终无法被调用,以下是我的shiro.ini、web.xml的配置和ShiroDbRealm的代码
shiro.ini
[main] #realm myRealm = com.demo.common.ShiroDbRealm securityManager.realm = $myRealm #cache shiroCacheManager = org.apache.shiro.cache.ehcache.EhCacheManager shiroCacheManager.cacheManagerConfigFile = classpath:ehcache-shiro.xml securityManager.cacheManager = $shiroCacheManager #session sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager sessionDAO.activeSessionsCacheName = shiro-activeSessionCache sessionManager.sessionDAO = $sessionDAO securityManager.sessionManager = $sessionManager securityManager.sessionManager.globalSessionTimeout = 360000 #这里的规则,web.xml中的配置的ShiroFilter会使用到。 [urls] /** = anon /login = authc /logout = logout /css/** = anon /error/** = anon /images/** = anon /js/** = anon
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <filter> <filter-name>shiro</filter-name> <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> </filter> <filter-mapping> <filter-name>shiro</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>jfinal</filter-name> <filter-class>com.jfinal.core.JFinalFilter</filter-class> <init-param> <param-name>configClass</param-name> <param-value>com.demo.common.DemoConfig</param-value> </init-param> </filter> <filter-mapping> <filter-name>jfinal</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
ShiroDbRealm.java
public class ShiroDbRealm extends AuthorizingRealm{ /** * 认证回调函数,登录时调用. */ @Override protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken authcToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authcToken; String userName = token.getUsername().toString(); String password = token.getPassword().toString(); User user = User.getUser(userName, password); if(user != null){ return new SimpleAuthenticationInfo(new ShiroUser(user.getLong("id"), user.getStr("name"), user.getStr("email")), user.getStr("password"), user.getStr("name")); }else { return null; } } /** * 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用. */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ShiroUser shiroUser = (ShiroUser) principals.getPrimaryPrincipal(); Long userId = shiroUser.id; SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); List<Role> userRoleList = Role.getRoleList(userId); List<String> resourceStrList = new ArrayList<String>(); for(Role roleTemp : userRoleList){ Long roleId = roleTemp.getLong("id"); List<Resources> resourcesList = Resources.getResourcesList(roleId); for(Resources resTemp : resourcesList){ resourceStrList.add(resTemp.getStr("action_key")); } } info.addRoles(resourceStrList); return info; } /** * 自定义Authentication对象,使得Subject除了携带用户的登录名外还可以携带更多信息. */ public static class ShiroUser implements Serializable { //自定义的ShiroUser } }
DemoConfig.java
public class DemoConfig extends JFinalConfig { Routes routes; /** * 配置常量 */ public void configConstant(Constants me) { loadPropertyFile("a_little_config.txt"); // 加载少量必要配置,随后可用getProperty(...)获取值 me.setDevMode(getPropertyToBoolean("devMode", false)); me.setViewType(ViewType.JSP); // 设置视图类型为Jsp,否则默认为FreeMarker me.setErrorView(401, "/common/login.jsp"); me.setErrorView(403, "/common/login.jsp"); me.setError404View("/common/404.jsp"); me.setError500View("/common/500.jsp"); } /** * 配置路由 */ public void configRoute(Routes me) { this.routes = me; me.add("/", CommonController.class); me.add("/common", CommonController.class); me.add("/blog", BlogController.class); me.add("/user", UserController.class); me.add("/resources", ResourcesController.class); me.add("role", RoleController.class); } /** * 配置插件 */ public void configPlugin(Plugins me) { // 配置C3p0数据库连接池插件 C3p0Plugin c3p0Plugin = new C3p0Plugin(getProperty("jdbcUrl"), getProperty("user"), getProperty("password").trim()); me.add(c3p0Plugin); // 配置ActiveRecord插件 ActiveRecordPlugin arp = new ActiveRecordPlugin(c3p0Plugin); me.add(arp); arp.addMapping("jf_demo_blog", Blog.class); // 映射blog 表到 Blog模型 arp.addMapping("jf_demo_user", User.class); arp.addMapping("jf_demo_role", Role.class); arp.addMapping("jf_demo_resources", Resources.class); me.add(new ShiroPlugin(routes)); } /** * 配置全局拦截器 */ public void configInterceptor(Interceptors me) { me.add(new ShiroInterceptor()); } /** * 配置处理器 */ public void configHandler(Handlers me) { } /** * 运行此 main 方法可以启动项目,此main方法可以放置在任意的Class类定义中,不一定要放于此 */ public static void main(String[] args) { JFinal.start("WebRoot", 8080, "/", 5); } }
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
问题解决了吗?我也遇到同样的问题了 ,如果解决了,希望楼主解答。
是不是不停的在ShiroInterceptor循环跑?
是的话,在config文件里面的configPlugin(Plugins me)加上几个url就可以了
shiroPlugin.setLoginUrl("/login");
没有报错,只是在ShiroInterceptor处理的时候说没有权限访问。 [http-8080-3] WARN [com.jfinal.core.ActionHandler] - 401 Unauthorized: /blog/
回复
看了一下,我跟你的唯一区别就是我没有配置urls
你好,问题解决了么,我也出现401 的问题
报错不啊?能不能上一些报错的代码?