解决Shiro 加权限注解失效 或者报错 This subject is anonymous
报错堆栈
org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager. This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again. Because an identity is currently not known due to any of these conditions, authorization is denied.at org.apache.shiro.subject.support.DelegatingSubject.assertAuthzCheckPossible(DelegatingSubject.java:203) [shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.subject.support.DelegatingSubject.checkRole(DelegatingSubject.java:244) [shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.authz.aop.RoleAnnotationHandler.assertAuthorized(RoleAnnotationHandler.java:60) ~[shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:84) ~[shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor.assertAuthorized(AnnotationsAuthorizingMethodInterceptor.java:100) ~[shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.authz.aop.AuthorizingMethodInterceptor.invoke(AuthorizingMethodInterceptor.java:38) ~[shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor.invoke(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:115) ~[shiro-spring-1.4.0.jar:1.4.0]at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) ~[spring-aop-5.1.2.RELEASE.jar:5.1.2.RELEASE]at com.bgi.standarddatabase.usermanager.controller.ExpertTeamController$$EnhancerBySpringCGLIB$$5a62f3c0.saveExpertExpertTeam(<generated>) ~[classes/:na]at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_191]at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_191]at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_191]at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_191]at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:215) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:142) ~[spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:998) [spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:901) [spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at javax.servlet.http.HttpServlet.service(HttpServlet.java:660) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:875) [spring-webmvc-5.1.2.RELEASE.jar:5.1.2.RELEASE]at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) [tomcat-embed-websocket-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387) [shiro-core-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [shiro-web-1.4.0.jar:1.4.0]at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [shiro-web-1.4.0.jar:1.4.0]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-5.1.2.RELEASE.jar:5.1.2.RELEASE]at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) [tomcat-embed-core-9.0.12.jar:9.0.12]at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.12.jar:9.0.12]at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_191]at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_191]at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.12.jar:9.0.12]at java.lang.Thread.run(Thread.java:748) [na:1.8.0_191]
Caused by: org.apache.shiro.authz.AuthorizationException: Not authorized to invoke method: public com.bgi.standarddatabase.common.entity.result.WebResult com.bgi.standarddatabase.usermanager.controller.ExpertTeamController.saveExpertExpertTeam(com.alibaba.fastjson.JSONObject)at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:90) ~[shiro-core-1.4.0.jar:1.4.0]... 74 common frames omitted
看这段报错
org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when ‘Remember Me’ functionality is enabled by the SecurityManager. This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again. Because an identity is currently not known due to any of these conditions, authorization is denied.
原因:
我们都知道 调用subject.login()方法,会进入自定义的realm的两个授权方法,
后续再对某个方法方法上加
@RequiresPermissions(“Expert”)
@RequiresRoles(“string”)
权限注解,经过shiro过滤器后每次回进入自定义认证方法
但是明明有写subject.login()方法 并且有自己自定义的realm,在方法上加权限死活不生效
检查shiroconfig配置的过滤
在自己写的过滤器
@Beanpublic ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {...filterChainDefinitionMap.put("/**/**.i", "anon"); //所有 /**/**.i 路径都不需要经过shiro过滤器filterChainDefinitionMap.put("/**", "authc"); //所有 /** 路径都需要经过shiro过滤器...// 过滤链定义,从上向下顺序执行,一般将 /**放在最为下边 :这是一个坑呢,一不小心代码就不好使了;// ① authc:所有url都必须认证通过才可以访问; ② anon:所有url都都可以匿名访问filterChainDefinitionMap.put("/**", "authc");shiroFilterFactoryBean.getFilters().put("authc",new ShiroTokenFilter());shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);return shiroFilterFactoryBean;
}
既然把所有.i结尾的后缀都不经过shiro处理,自然访问这个方法不会进入shiro 认证 授权
但是又在对应的.i结尾的接口上加 权限注解就会报这个错
因为不进入shiro过滤 ,就不会进入shiro过滤器,来调用你subject.login() 从而进入认证和授权的方法
当你再不经过shiro过滤器 加上权限注解就会报错
This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.
解决
所有的.i结尾的接口必须要经过过滤器 ,这样再controller上.i结尾的接口加上权限注解都不会报这个错误了。
解释把这段代码注释掉,就默认.i结尾的请求要经过shiro过滤器(ShiroTokenFilter)
这个里面会调用subject.login()方法
解决Shiro 加权限注解失效 或者报错 This subject is anonymous相关推荐
- Spring中解决事务以及异步注解失效
Spring中解决事务以及异步注解失效 一.重现@Transaction失效的场景 有如下业务场景,新增订单后,自动发送短信,下面的代码在同一个类中: @Transaction public void ...
- django项目启动加载训练的模型报错OSError: Unable to open file (unable to open file: name = ‘model/model_weigh完美解决
1.原因分析 此错误原因多样通过网上整理有一下几种 ①h5py版本过高 ,重装h5py ② 相对路径改成绝对路径 ③文件无权限访问,点击文件属性,点击高级.赋予权限 ④这个是我报错的解决办法 因为他单 ...
- android+添加网络权限,已在AndroidManifest.xml增添网络权限,运行还报错
已在AndroidManifest.xml添加网络权限,运行还报错 已在AndroidManifest.xml添加网络权限,运行还报错,然后添加网络相关一系列权限,问题仍在,求解. AndroidMa ...
- php fpm 日志记录,如何解决nginx下php-fpm不记录php报错日志的问题
如何解决nginx下php-fpm不记录php报错日志的问题 发布时间:2020-07-28 10:17:29 来源:亿速云 阅读:150 作者:Leah 本篇文章为大家展示了如何解决nginx下ph ...
- 解决MySQL事务未提交导致死锁报错 避免死锁的方法
版权声明:本文为博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明. 本文链接:https://blog.csdn.net/xuheng8600/article/d ...
- 加sudo后执行.sh报错command not found
今天执行一个.sh文件时,刚开始没加sudo,报了错: jetson1@jetson1-desktop:~/librealsense/scripts$ ./setup_udev_rules.sh -b ...
- python安装过程中出现文件或目录损坏且无法读取_解决安装python库时windows error5 报错的问题...
python安装库时,有时候会报错windows error 5,可以尝试关闭所有使用python的编辑器.文件等,然后重新pip安装,如果还是不行,可以将报错最下层文件删除即可(如果不放心可以将该文 ...
- python安装失败找不到指定路径_解决安装python库时windows error5 报错的问题
python安装库时,有时候会报错windows error 5,可以尝试关闭所有使用python的编辑器.文件等,然后重新pip安装,如果还是不行,可以将报错最下层文件删除即可(如果不放心可以将该文 ...
- VMBox加载拷贝的vid报错E_INVALIDARG (0x80070057) Cannot register the hard disk 'D:\VMBox\win7.vdi' {7bca5a3
VMBox加载拷贝的vid报错E_INVALIDARG (0x80070057) Cannot register the hard disk 'D:\VMBox\win7.vdi' {7bca5a3e ...
- 解决Prefix must be in canonical form报错
解决Prefix must be in canonical form报错 已总结完全,不需要参考其它博文 目录 解决Prefix must be in canonical form报错 `已总结完全, ...
最新文章
- 产销平衡的运输问题上机实验matlab_MATLAB实验上机练习(三)
- 怎样通过vb设置透视表多项选择_数据透视表有多强大?
- linux 内存溢出排查_【开发者成长】JAVA 线上故障排查完整套路!
- python打开文件对话框_python实战演练:如何通过对话框打开文件并对文件进行对比...
- nginx访问日志 logstash 配置文件实例2
- 阿里巴巴牵手上汽集团:成立汽车科技公司
- Java 性能优化系列之3.2[JVM调优]
- SQLite字符串拼接
- SCHEDULE(调度程序)
- PyQt5-QComboBox控件使用实现省市级联效果
- 答题卡 移动端在线考试html模板,标准化考试答题卡模板.doc
- 测试用例方法----正交试验(实验)设计法(黑盒)
- AspNetPager 分页
- C/C++整数除法以及保留小数位的问题
- 获取ftp服务器文件,ftp获取服务器文件
- 【亲测有效】解决执行nrm ls命令查看不到*星号的问题
- YGG 与 Web3 平台 Strider 达成合作,用 DAO 工具和资源为创作社区赋能
- centos 服务自启动管理
- 修改并上传SyntaxHighlighter源码个性化博客代码风格
- UIL doesn't support scheme(protocol) by default
热门文章
- JavaScript数组方法 改变原数组和不改变原数组的方法整理
- TortoiseSVN 下载安装使用
- dor服务器阵列修复,服务器raid5阵列故障排查及数据恢复方法篇
- Anchor box坐标(Sac,Sar,Eac,Ear)到Precdict box坐标(Spc,Spr,Epc,Epr)关系推导
- 数据库无法连接的几种情况
- 我从华为身上学到的项目管理经验 -- 设计篇
- 使用PHP实现文件上传
- java 正则拼音_正则匹配拼音
- (送书)《美好企业》导读:企业家需要超越世俗的成功
- unity shader相关工具教程