applicationContext.xml中的配置
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
<!-- shiro过滤器拦截配制 -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<!-- 登录路径 -->
<property name="loginUrl" value="/WEB-INF/jsps/public/login.jsp" />
<!-- 登录成功后跳转路径 -->
<property name="successUrl" value="/index.jsp" />
<!-- 登录失败跳转路径 -->
<property name="unauthorizedUrl" value="/WEB-INF/jsps/error/noLogin.jsp" />
<property name="filterChainDefinitions">
<value>
/css/** = anon
/js/** = anon
/images/** = anon
</value>
</property>
</bean>
<!-- 配置自定义登录获取角色权限规则 -->
<bean id="BRealm" class="com.sd.utils.realm.BRealm"/>
<!-- 认证管理器配制 -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="BRealm" />
<property name="cacheManager" ref="cacheManager" />
<property name="sessionManager" ref="sessionManager"/>
</bean>
<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"/>
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<property name="sessionDAO" ref="sessionDAO"/>
</bean>
<bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
</bean>
<!-- 密码匹配规则配制 -->
<bean id="hashedCredentialsMatcher"
class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<!-- 加密算法配制 -->
<property name="hashAlgorithmName" value="MD5" />
<!-- 加密编码配制,此处为Hex -->
<property name="storedCredentialsHexEncoded" value="true" />
<!-- 生成hash值得迭代次数 -->
<property name="hashIterations" value="1" />
</bean>
<!-- 登录失败和权限不足时抛出一样的拦截 -->
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="exceptionMappings">
<props>
<prop key="org.apache.shiro.authz.UnauthorizedException">
/WEB-INF/jsps/error/noLogin.jsp
</prop>
<prop key="org.apache.shiro.authz.UnauthenticatedException">
/WEB-INF/jsps/error/noPermission.jsp
</prop>
</props>
</property>
</bean>
springmvc.xml中的配置
<!-- 配置注解扫描基础 -->
<context:component-scan base-package="com.sd.batch"/>
<mvc:annotation-driven/>
<!-- AOP式方法级权限检查 这两个类主要用于注解 -->
<bean
class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true"/>
</bean>
<bean
class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
<bean id="annotationUrlMapping"
class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
</bean>
<bean id="annotationMethodHandlerAdapter"
class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"/>
<!-- 支持上传文件 -->
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="maxUploadSize" value="209715200"/>
<property name="resolveLazily" value="true"/>
</bean>
哪位大神帮忙看看?配置有问题,但不知道改哪里。
------解决思路----------------------
失效,如何失效的,能访问到目标handler方法么?你看看是不是这个的原因,。
如:requestMapping("/test")
是不是应该保证能访问到 /test
/test = anon