shiro 多次密码输入错误账号锁定 5C

图片说明shiro加入这个无论密码输入对了还是错了都是密码错误?怎么回事?

3个回答

虽然没用过shiro,但是通用原则是:用了哈希函数进行校验,设置密码时保存的用户密码也应该是哈希值而不是明文。
除了密码输入框,其它地方不应该再出现密码明文,避免被人直接从数据中窃取密码。

验证之前要先对密码进行加密,然后再比较

先检查你是否密文保存密码,随后单步调试密码认证器,看传入的密码后数据库的密码是否匹配。

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
其他相关推荐
Shiro登录,账号、密码外,还需要传另外一个参数到后台验证,请问如何传这个参数
## ## Shiro登录验证,除了账号、密码,还需要传另外一个参数到后台验证,请问如何传这个参数? 不同地区可能存在相同账号名称,所以在 Shiro登录验证时候 除了账号和密码,还需要传递地区信息,shiro里token只存了账号和密码,询问下怎么传递第三个参数?在线等
shiro记住密码功能,rememberMe功能
环境:spring+springmvc+shiro+mysql 1.shiro容器配置了/**=anon,拦截所有请求。 2.使用注解@RequiresAuthentication实现权限控制 需求: 实现用户记住密码功能(2周内自动登录) java小白,请大神多多帮助,谢谢
shiro整合ehcache总是报错
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityManager' defined in class path resource [spring/spring-shiro.xml]: Cannot resolve reference to bean 'sessionManager' while setting bean property 'sessionManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManager' defined in class path resource [spring/spring-shiro.xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'net.sf.ehcache.CacheManager' to required type 'org.apache.shiro.cache.CacheManager' for property 'cacheManager'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [net.sf.ehcache.CacheManager] to required type [org.apache.shiro.cache.CacheManager] for property 'cacheManager': no matching editors or conversion strategy found Caused by: java.lang.IllegalStateException: Cannot convert value of type [net.sf.ehcache.CacheManager] to required type [org.apache.shiro.cache.CacheManager] for property 'cacheManager': no matching editors or conversion strategy found
shiro不能导包,导报错误
Factory<org.apache.shiro.mgt.SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini"); 将org.apache.shiro.mgt.SecurityManager写成SecurityManager,然后在导包就会出现错误,只能写成不到包的形式,这是为什么
spring mvc整合shiro报错
spring mvc整合shiro,运行都是正常的,可以用谷歌浏览器按F12,就会报下面的错。哪个大神能帮忙看一下 七月 24, 2017 8:01:56 上午 org.apache.catalina.core.ApplicationDispatcher invoke 严重: Servlet.service() for servlet jsp threw exception org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration. at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123) at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) at org.apache.shiro.web.tags.SecureTag.getSubject(SecureTag.java:43) at org.apache.shiro.web.tags.PrincipalTag.onDoStartTag(PrincipalTag.java:120) at org.apache.shiro.web.tags.SecureTag.doStartTag(SecureTag.java:53) at org.apache.jsp.WEB_002dINF.jsp.error._404_jsp._jspx_meth_shiro_005fprincipal_005f0(_404_jsp.java:1222) at org.apache.jsp.WEB_002dINF.jsp.error._404_jsp._jspService(_404_jsp.java:593) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337) at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:479) at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:341) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:744) 七月 24, 2017 8:01:56 上午 org.apache.catalina.core.StandardHostValve custom 严重: Exception Processing ErrorPage[errorCode=404, location=/WEB-INF/jsp/error/404.jsp] org.apache.jasper.JasperException: org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration. at org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:556) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337) at org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:479) at org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:341) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:744) Caused by: org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration. at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123) at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) at org.apache.shiro.web.tags.SecureTag.getSubject(SecureTag.java:43) at org.apache.shiro.web.tags.PrincipalTag.onDoStartTag(PrincipalTag.java:120) at org.apache.shiro.web.tags.SecureTag.doStartTag(SecureTag.java:53) at org.apache.jsp.WEB_002dINF.jsp.error._404_jsp._jspx_meth_shiro_005fprincipal_005f0(_404_jsp.java:1222) at org.apache.jsp.WEB_002dINF.jsp.error._404_jsp._jspService(_404_jsp.java:593) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439) ... 23 more
shiro配置,项目启动报错
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shiroFilter' defined in class path resource [applicationContext-shiro.xml]: Cannot resolve reference to bean 'securityManager' while setting bean property 'securityManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityManager' defined in class path resource [applicationContext-shiro.xml]: Cannot resolve reference to bean 'bosRealm' while setting bean property 'realm'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'bosRealm': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private cn.itcast.bos.service.system.UserService cn.itcast.bos.realm.BosRealm.userService; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'userServiceimpl': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private cn.itcast.bos.dao.system.UserRepository cn.itcast.bos.service.system.impl.UserServiceimpl.userRepository; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [cn.itcast.bos.dao.system.UserRepository] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true)} 看意思是securityManager在shiroFilter中的应用不能解析,但是检查了好长时间感觉没问题,实在不知道什么问题了,求大神指导
Shiro登录验证,除了账号、密码,还需要传另外一个参数到后台验证,请问如何传这个参数?
我的登录页面: ![图片说明](https://img-ask.csdn.net/upload/201710/09/1507537465_305771.png) 页面代码: ![图片说明](https://img-ask.csdn.net/upload/201710/09/1507537586_961288.png) Controller接收参数如何处理才能接收到“区域”这个参数呢? 现在的Controller的代码如下: ![图片说明](https://img-ask.csdn.net/upload/201710/09/1507537654_811082.png) 各位婶婶,不吝赐教!!!
对shiro框架的一些疑惑
shriro框架的锁定,是存储在缓存里的么?那为什么还在数据库里记录是否锁定?如果服务器重启,锁定是不是解除?那框架对shiro存储在数据库里是否锁定的标记怎么处理?就是说,如果我被锁定了十分钟,一旦服务器重启,这十分钟怎么弄?相应的rememberme的处理是怎样的?。。最后一个问题,密码匹配是将匹配密码再加密一遍与数据库加过密的密码匹配,还是只需要登入密码就可以
shiro JSP使用标签报错
在JSP页面使用shiro标签报错,要怎么改?求大神指点 java.lang.IllegalArgumentException: Wildcard string cannot be null or empty. Make sure permission strings are properly formatted. org.apache.shiro.authz.permission.WildcardPermission.setParts(WildcardPermission.java:151) org.apache.shiro.authz.permission.WildcardPermission.<init>(WildcardPermission.java:142) org.apache.shiro.authz.permission.WildcardPermission.<init>(WildcardPermission.java:138) org.apache.shiro.authz.permission.WildcardPermissionResolver.resolvePermission(WildcardPermissionResolver.java:41) org.apache.shiro.realm.AuthorizingRealm.resolvePermissions(AuthorizingRealm.java:433) org.apache.shiro.realm.AuthorizingRealm.getPermissions(AuthorizingRealm.java:409) org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:466) org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:462) org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:457) org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:223) org.apache.shiro.mgt.AuthorizingSecurityManager.isPermitted(AuthorizingSecurityManager.java:113) org.apache.shiro.subject.support.DelegatingSubject.isPermitted(DelegatingSubject.java:158) org.apache.shiro.web.tags.PermissionTag.isPermitted(PermissionTag.java:66) org.apache.shiro.web.tags.HasPermissionTag.showTagBody(HasPermissionTag.java:32) org.apache.shiro.web.tags.PermissionTag.onDoStartTag(PermissionTag.java:57) org.apache.shiro.web.tags.SecureTag.doStartTag(SecureTag.java:53) org.apache.jsp.success_jsp._jspx_meth_shiro_005fhasPermission_005f0(success_jsp.java:205) org.apache.jsp.success_jsp._jspService(success_jsp.java:122) org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) javax.servlet.http.HttpServlet.service(HttpServlet.java:729) org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:438) org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:396) org.apache.jasper.servlet.JspServlet.service(JspServlet.java:340) javax.servlet.http.HttpServlet.service(HttpServlet.java:729) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261) index.jsp <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <body> <h2>Hello World!</h2> <form action="/login.do" method="post"> <table> <tr> <td>账号:</td> <td><input name="username" value="${users.username}"/></td> </tr> <tr> <td>密码:</td> <td><input type="password" name="password" value="${users.password}"/></td><br/> <td><input type="submit" value="login"/><span style="font-size: 12px;color: red">${error}</span></td> </tr> </table> </form> </body> </html> 登录成功之后的页面success.jsp <%@ page contentType="text/html;charset=UTF-8" language="java" %> <%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags" %> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> ${info }欢迎你<br/> <shiro:hasRole name="admin"> 欢迎有admin角色的用户!<shiro:principal/> </shiro:hasRole> <shiro:hasPermission name="student:create"> 欢迎有student:create权限的用户!<shiro:principal/> </shiro:hasPermission> </body> </html> controller @Controller public class UsersController { @Autowired private UsersService usersService; @RequestMapping("/login") public String login(Model model,Users users){ Subject subject = SecurityUtils.getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(users.getUsername(),users.getPassword()); try { subject.login(token); // Model model1 = (Model) subject.getSession(); // model1.addAttribute("info","welcome to"); // Session session = subject.getSession(); // session.setAttribute("info","Welcome To Shiro"); return "redirect:/success.jsp"; }catch (Exception e) { e.printStackTrace(); model.addAttribute("users",users); model.addAttribute("error","用户名或密码错误"); return "index"; } } }
ssm使用shiro启动报错
报错内容 Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'loginRealm': Injection of resource dependencies failed; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [com.warehouse.service.UserLogingService] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type [com.warehouse.service.UserLogingService] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {@javax.annotation.Resource(shareable=true, lookup=, name=, description=, authenticationType=CONTAINER, type=class java.lang.Object, mappedName=)} shiro.xml配置 ``` <!-- 配置Shiro核心Filter --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <!-- 安全管理器 --> <property name="securityManager" ref="securityManager" /> <!-- 未认证,跳转到哪个页面 --> <property name="loginUrl" value="/login.html" /> <!-- 登陆成功页面 --> <property name="successUrl" value="/index.html" /> <!-- 认证后,没有权限跳转页面 --> <property name="unauthorizedUrl" value="/unauthorized.html" /> <property name="filterChainDefinitions"> <value> /WEB-INF/views/login.html* = anon /loging.do* = anon /WEB-INF/llb/* = anon /res/** = anon /** = authc </value> </property> </bean> <!-- 配置Realm --> <bean id="loginRealm" class="com.warehouse.service.LoginRealm"> </bean> <!-- 安全管理器 --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="loginRealm" /> <!-- <property name="cacheManager" ref="shiroCacheManager" /> --> </bean> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> ``` applicationContext.xml配置 ``` applicationContext.xml配置 <import resource="applicationContext-shiro.xml"/> <!-- 开启定时任务 --> <task:annotation-driven /> <!-- MyBatis配置 --> <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean"> <property name="dataSource" ref="dataSource" /> <!-- 显式指定Mapper文件位置 --> <property name="mapperLocations" value="classpath*:/mybatis/*Mapper.xml" /> <!-- mybatis配置文件路径 --> <property name="configLocation" value="classpath:/mybatis-config.xml" /> <property name="typeHandlersPackage" value="package com.warehouse.util" /> </bean> <bean id="sqlSessionTemplate" class="org.mybatis.spring.SqlSessionTemplate"> <constructor-arg index="0" ref="sqlSessionFactory" /> <!-- 这个执行器会批量执行更新语句, 还有SIMPLE 和 REUSE --> <!-- <constructor-arg index="1" value="BATCH"/> --> </bean> <!-- 扫描basePackage接口 --> <bean class="org.mybatis.spring.mapper.MapperScannerConfigurer"> <!-- 映射器接口文件的包路径, --> <property name="basePackage" value="com.warehouse.dao" /> </bean> <!-- 使用annotation定义事务 --> <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager"> <property name="dataSource" ref="dataSource"></property> </bean> <tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true" /> <!-- 数据源配置, 使用Tomcat JDBC连接池 --> <bean id="dataSource" class="org.apache.tomcat.jdbc.pool.DataSource" destroy-method="close"> <!-- Connection Info --> <property name="driverClassName" value="${jdbc.driver}" /> <property name="url" value="${jdbc.url}" /> <property name="username" value="${jdbc.username}" /> <property name="password" value="${jdbc.password}" /> <!-- Connection Pooling Info --> <property name="maxActive" value="${jdbc.pool.maxActive}" /> <property name="maxIdle" value="${jdbc.pool.maxIdle}" /> <property name="minIdle" value="0" /> <property name="defaultAutoCommit" value="false" /> </bean> <!-- production环境 --> <beans profile="production"> <context:property-placeholder ignore-unresolvable="true" file-encoding="utf-8" location="classpath:config.properties,classpath:jdbc.properties" /> </beans> ``` springMVC.xml配置 ``` <context:component-scan base-package="com.warehouse.*" /> <!--jsp可以不用添加这个 如果修改成html就必须用这个 --> <mvc:default-servlet-handler /> <mvc:annotation-driven /> <!--上面这个是为了html可以用 --> <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"> <property name="messageConverters"> <list> <ref bean="mappingJacksonHttpMessageConverter" /> </list> </property> </bean> <!--模板 --> <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"> <property name="messageConverters"> <list> <ref bean="mappingJacksonHttpMessageConverter" /> </list> </property> </bean> <mvc:resources mapping="/res/**" location="/res/" /> <bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer"> <property name="templateLoaderPath" value="/WEB-INF/views/" /> <property name="freemarkerSettings"> <props> <prop key="template_update_delay">0</prop> <prop key="default_encoding">UTF-8</prop> <prop key="number_format">0.##########</prop> <prop key="datetime_format">yyyy-MM-dd HH:mm:ss</prop> <prop key="classic_compatible">true</prop> <prop key="template_exception_handler">ignore</prop> <prop key="auto_import">ftl/public.ftl as p,ftl/page.ftl as pg </prop> </props> </property> <property name="freemarkerVariables"> <map> <entry key="listProduct" value-ref="ProductDiretciv" /> </map> </property> </bean> <bean id="viewResolver" class="com.warehouse.freemarker.RichFreeMarkerViewResolver"> <property name="suffix"> <value>.html</value> </property> <property name="contentType" value="text/html;charset=UTF-8"></property> </bean> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="prefix" value="/WEB-INF/views" /> <property name="suffix" value=".*" /> </bean> <!-- <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/WEB-INF/views/" p:suffix=".html"/> --> <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"> <property name="messageConverters"> <list> <ref bean="mappingJacksonHttpMessageConverter" /> </list> </property> </bean> <bean id="mappingJacksonHttpMessageConverter" class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter"> <property name="supportedMediaTypes"> <list> <value>text/html;charset=UTF-8</value> </list> </property> </bean> ``` @Controller @Scope("prototype") public class UserLogingController { @RequestMapping("loging.do") @ResponseBody public String loging(ForeginUser fuser) { Subject subject = SecurityUtils.getSubject(); AuthenticationToken token = new UsernamePasswordToken(fuser.getUsername(), fuser.getPassword()); try { subject.login(token); return _HTML_INDEX_; } catch (AuthenticationException e) { e.printStackTrace(); return _HTML_LOGIN_; } } }@Controller @Scope("prototype") public class UserLogingController { @RequestMapping("loging.do") @ResponseBody public String loging(ForeginUser fuser) { Subject subject = SecurityUtils.getSubject(); AuthenticationToken token = new UsernamePasswordToken(fuser.getUsername(), fuser.getPassword()); try { subject.login(token); return _HTML_INDEX_; } catch (AuthenticationException e) { e.printStackTrace(); return _HTML_LOGIN_; } } } ``` ``` package com.warehouse.realm; public class LoginRealm extends AuthorizingRealm { @Resource private UserLogingService userlogingService; @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) { return null; } @Override // 认证 protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; ForeginUser resultUser = userlogingService.findByUsername(upToken.getUsername()); if (resultUser == null) { return new SimpleAuthenticationInfo(resultUser, null, getName()); } else { return new SimpleAuthenticationInfo(resultUser, resultUser.getPassword(), getName()); } } } package com.warehouse.service; @Service public class UserLogingServiceImpl implements UserLogingService { @Resource private UserLogingMapper userLogingMapeer; @Override public ForeginUser checkLoaderInfo(ForeginUser fuser) { return userLogingMapeer.findByUser(fuser); } @Override public ForeginUser findByUsername(String username) { return userLogingMapeer.findByUsername(username); } }
shiro整合ehcache时报错
shiro整合ehcache application-shiro.xml中相关配置: ``` <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="userRealm" /> <!-- 注入缓存管理器 --> <property name="cacheManager" ref="cacheManager"/> <!-- 注入session管理器 --> <property name="sessionManager" ref="sessionManager" /> </bean> <!-- 缓存管理器 --> <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> <property name="cacheManagerConfigFile" value="classpath:pvf-shiro-ehcache.xml"/> </bean> ``` pvf-shiro-ehcache.xml ``` <ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd" updateCheck="false"> <!--diskStore:缓存数据持久化的目录 地址 --> <diskStore path="java.io.tmpdir"/> <defaultCache maxElementsInMemory="1000" maxElementsOnDisk="10000000" eternal="false" overflowToDisk="false" diskPersistent="false" timeToIdleSeconds="120" timeToLiveSeconds="120" diskExpiryThreadIntervalSeconds="120" memoryStoreEvictionPolicy="LRU"> </defaultCache> </ehcache> ``` 项目启动时报错: Caused by: java.lang.IllegalStateException: Cannot convert value of type [org.apache.shiro.cache.ehcache.EhCacheManager] to required type [net.sf.ehcache.CacheManager] for property 'cacheManager': no matching editors or conversion strategy found at org.springframework.beans.TypeConverterDelegate.convertIfNecessary(TypeConverterDelegate.java:231) at org.springframework.beans.BeanWrapperImpl.convertIfNecessary(BeanWrapperImpl.java:447) ... 53 more
Spring 整合 apache shiro, 多次实例化Realm
Spring 整合 apache shiro 时,当Realm中有自动注入(@Autowired)时,会实例化三次, ``` @Component @Scope(ConfigurableBeanFactory.SCOPE_SINGLETON) public class MyRealm extends AuthorizingRealm { public MyRealm() { System.out.println("in Myrelm()"); } @Autowired private UserService userService; } ``` 当UserService上有@Autowired 时,会执行三次构造方法,输出三次“in Myrelm()”。 如果去掉@Autowired 就只有一次。 在其他地方不会出现此问题,比如Controller中自动注入UserService。
apache shiro 多个sesssion登陆的问题
apache shiro 多个sesssion登陆的问题 有个项目是通过shiro做权限控制的, 现在要实现维护两套用户系统,分别登陆业务页面和后端管理页面,两个session分开维护。 如果只用shiro能满足这个需求么。怎么实现? 谢谢!!
spring整合shiro时报错
项目是我从我同事那里拷贝过来的,在我同事电脑上运行没有问题,在我的电脑上运行就报这个错误,网上能搜到的方法全部都试过了,不能解决问题,求大神指点 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'shiroFilter' defined in class path resource [config/shiro.xml]: Cannot resolve reference to bean 'securityManager' while setting bean property 'securityManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityManager' defined in class path resource [config/shiro.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apache.shiro.web.mgt.DefaultWebSecurityManager]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Unable to acquire AES algorithm. This is required to function. at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:359) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:108) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1531) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1276) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) at org.springframework.context.support.PostProcessorRegistrationDelegate.registerBeanPostProcessors(PostProcessorRegistrationDelegate.java:235) at org.springframework.context.support.AbstractApplicationContext.registerBeanPostProcessors(AbstractApplicationContext.java:702) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:527) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:443) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:325) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4792) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5256) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1423) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1413) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'securityManager' defined in class path resource [config/shiro.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apache.shiro.web.mgt.DefaultWebSecurityManager]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Unable to acquire AES algorithm. This is required to function. at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:1155) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1099) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:351) ... 24 more Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.apache.shiro.web.mgt.DefaultWebSecurityManager]: Constructor threw exception; nested exception is java.lang.IllegalStateException: Unable to acquire AES algorithm. This is required to function. at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:154) at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:89) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateBean(AbstractAutowireCapableBeanFactory.java:1147) ... 32 more Caused by: java.lang.IllegalStateException: Unable to acquire AES algorithm. This is required to function. at org.apache.shiro.crypto.AbstractSymmetricCipherService.generateNewKey(AbstractSymmetricCipherService.java:59) at org.apache.shiro.crypto.AbstractSymmetricCipherService.generateNewKey(AbstractSymmetricCipherService.java:43) at org.apache.shiro.mgt.AbstractRememberMeManager.<init>(AbstractRememberMeManager.java:99) at org.apache.shiro.web.mgt.CookieRememberMeManager.<init>(CookieRememberMeManager.java:87) at org.apache.shiro.web.mgt.DefaultWebSecurityManager.<init>(DefaultWebSecurityManager.java:75) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:142) ... 34 more Caused by: java.security.NoSuchAlgorithmException: AES KeyGenerator not available at javax.crypto.KeyGenerator.<init>(KeyGenerator.java:169) at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:223) at org.apache.shiro.crypto.AbstractSymmetricCipherService.generateNewKey(AbstractSymmetricCipherService.java:56) ... 43 more
shiro授权问题,远程调用接口,无法跳转登录后界面
现在A系统通过传递账号密码调用B系统的登录接口实现登录,提示登录成功后,但是B系统shiro没有给账号授权,页面没法跳转登录后的页面,跳转到了login页面,不知道哪位大佬搞过这种?
springboot +shiro+maven 打包运行项目报错
运行登录的时候报下边错误,大神能给看看嘛? ===2019-12-10 13:31:07.250 WARN org.apache.shiro.authc.AbstractAuthenticator Line:216 - Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - root, rememberMe=false (0:0:0:0:0:0:0:1)]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException). java.lang.ClassCastException: class org.apache.shiro.authc.UsernamePasswordToken cannot be cast to class com.qiyuansoft.unicorn.common.realm.QYToken (org.apache.shiro.authc.UsernamePasswordToken and com.qiyuansoft.unicorn.common.realm.QYToken are in unnamed module of loader org.apache.catalina.loader.ParallelWebappClassLoader @651745d7) at com.qiyuansoft.unicorn.common.realm.QYLoginRealm.doGetAuthenticationInfo(QYLoginRealm.java:149) at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:571) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:274) at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:260) at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) at org.apache.shiro.web.filter.authc.FormAuthenticationFilter.onAccessDenied(FormAuthenticationFilter.java:154) at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130) at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66) at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) ===2019-12-10 13:31:07.253 DEBUG org.apache.shiro.web.servlet.SimpleCookie Line:226 - Added HttpServletResponse Cookie [QYrememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 09-Dec-2019 05:31:07 GMT] ===2019-12-10 13:31:07.254 DEBUG org.apache.shiro.web.filter.authc.FormAuthenticationFilter Line:206 - Authentication exception org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - root, rememberMe=false (0:0:0:0:0:0:0:1)]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException). at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214) at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:274) at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:260) at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) at org.apache.shiro.web.filter.authc.FormAuthenticationFilter.onAccessDenied(FormAuthenticationFilter.java:154) at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130) at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66) at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) Caused by: java.lang.ClassCastException: class org.apache.shiro.authc.UsernamePasswordToken cannot be cast to class com.qiyuansoft.unicorn.common.realm.QYToken (org.apache.shiro.authc.UsernamePasswordToken and com.qiyuansoft.unicorn.common.realm.QYToken are in unnamed module of loader org.apache.catalina.loader.ParallelWebappClassLoader @651745d7) at com.qiyuansoft.unicorn.common.realm.QYLoginRealm.doGetAuthenticationInfo(QYLoginRealm.java:149) at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:571) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180) at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267) at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) ... 67 common frames omitted ===2019-12-10 13:31:07.281 DEBUG org.apache.shiro.session.mgt.DefaultSessionManager Line:218 - Unable to resolve session ID from SessionKey [org.apache.shiro.web.session.mgt.WebSessionKey@47af0345]. Returning null to indicate a session could not be found.
我需要一个整合spring boot shiro JWT 的多realm登录认证的demo
<!-- shiro依赖--> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.4.0</version> </dependency> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-ehcache</artifactId> <version>1.4.0</version> </dependency> <!-- jwt依赖--> <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> <version>3.2.0</version> </dependency> 依赖 需要JWT在一个realm中进行token认证,需要两个realm分别认证验证码登录,密码登录, 我需要demo文件
shiro jsp标签报错,大神给帮忙看下
页面用<shiro:hasPermission name="left:banner">标签,报错,为何? java.lang.IllegalArgumentException: Wildcard string cannot be null or empty. Make sure permission strings are properly formatted. at org.apache.shiro.authz.permission.WildcardPermission.setParts(WildcardPermission.java:151) at org.apache.shiro.authz.permission.WildcardPermission.<init>(WildcardPermission.java:142) at org.apache.shiro.authz.permission.WildcardPermission.<init>(WildcardPermission.java:138) at org.apache.shiro.authz.permission.WildcardPermissionResolver.resolvePermission(WildcardPermissionResolver.java:41) at org.apache.shiro.realm.AuthorizingRealm.resolvePermissions(AuthorizingRealm.java:433) at org.apache.shiro.realm.AuthorizingRealm.getPermissions(AuthorizingRealm.java:409) at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:466) at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:462) at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:457) at org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:223) at org.apache.shiro.mgt.AuthorizingSecurityManager.isPermitted(AuthorizingSecurityManager.java:113) at org.apache.shiro.subject.support.DelegatingSubject.isPermitted(DelegatingSubject.java:158) at org.apache.shiro.web.tags.PermissionTag.isPermitted(PermissionTag.java:66) at org.apache.shiro.web.tags.HasPermissionTag.showTagBody(HasPermissionTag.java:32) at org.apache.shiro.web.tags.PermissionTag.onDoStartTag(PermissionTag.java:57) at org.apache.shiro.web.tags.SecureTag.doStartTag(SecureTag.java:53)
整合shiro报错:SessionFactory冲突
1、在配置shiro的配置文件的时候报错,查出原因就是下面这行导致的 <bean id="shiroSessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"></bean> 报错信息: Cannot convert value of type [org.hibernate.impl.SessionFactoryImpl] to required type [org.apache.shiro.session.mgt.SessionFactory] for property 'sessionFactory': no matching editors or conversion strategy found 应该是shiro中也定义了属性SessionFactory,但是注入的却是hibernate的sessionfactory 怎么解决呢 求教!!!!
相见恨晚的超实用网站
搞学习 知乎:www.zhihu.com 简答题:http://www.jiandati.com/ 网易公开课:https://open.163.com/ted/ 网易云课堂:https://study.163.com/ 中国大学MOOC:www.icourse163.org 网易云课堂:study.163.com 哔哩哔哩弹幕网:www.bilibili.com 我要自学网:www.51zxw
爬虫福利二 之 妹子图网MM批量下载
爬虫福利一:27报网MM批量下载    点击 看了本文,相信大家对爬虫一定会产生强烈的兴趣,激励自己去学习爬虫,在这里提前祝:大家学有所成! 目标网站:妹子图网 环境:Python3.x 相关第三方模块:requests、beautifulsoup4 Re:各位在测试时只需要将代码里的变量 path 指定为你当前系统要保存的路径,使用 python xxx.py 或IDE运行即可。
字节跳动视频编解码面经
引言 本文主要是记录一下面试字节跳动的经历。 三四月份投了字节跳动的实习(图形图像岗位),然后hr打电话过来问了一下会不会opengl,c++,shador,当时只会一点c++,其他两个都不会,也就直接被拒了。 七月初内推了字节跳动的提前批,因为内推没有具体的岗位,hr又打电话问要不要考虑一下图形图像岗,我说实习投过这个岗位不合适,不会opengl和shador,然后hr就说秋招更看重基础。我当时
开源一个功能完整的SpringBoot项目框架
福利来了,给大家带来一个福利。 最近想了解一下有关Spring Boot的开源项目,看了很多开源的框架,大多是一些demo或者是一个未成形的项目,基本功能都不完整,尤其是用户权限和菜单方面几乎没有完整的。 想到我之前做的框架,里面通用模块有:用户模块,权限模块,菜单模块,功能模块也齐全了,每一个功能都是完整的。 打算把这个框架分享出来,供大家使用和学习。 为什么用框架? 框架可以学习整体
小白如何学习java?
在博主认为,对于入门级学习java的最佳学习方法莫过于视频+博客+书籍+总结,前三者博主将淋漓尽致地挥毫于这篇博客文章中,至于总结在于个人,实际上越到后面你会发现学习的最好方式就是阅读参考官方文档其次就是国内的书籍,博客次之,这又是一个层次了,这里暂时不提后面再谈。博主将为各位入门java保驾护航,各位只管冲鸭!!!上天是公平的,只要不辜负时间,时间自然不会辜负你。 何谓学习?博主所理解的学习,它
程序员必须掌握的核心算法有哪些?
由于我之前一直强调数据结构以及算法学习的重要性,所以就有一些读者经常问我,数据结构与算法应该要学习到哪个程度呢?,说实话,这个问题我不知道要怎么回答你,主要取决于你想学习到哪些程度,不过针对这个问题,我稍微总结一下我学过的算法知识点,以及我觉得值得学习的算法。这些算法与数据结构的学习大多数是零散的,并没有一本把他们全部覆盖的书籍。下面是我觉得值得学习的一些算法以及数据结构,当然,我也会整理一些看过...
比特币原理详解
一、什么是比特币 比特币是一种电子货币,是一种基于密码学的货币,在2008年11月1日由中本聪发表比特币白皮书,文中提出了一种去中心化的电子记账系统,我们平时的电子现金是银行来记账,因为银行的背后是国家信用。去中心化电子记账系统是参与者共同记账。比特币可以防止主权危机、信用风险。其好处不多做赘述,这一层面介绍的文章很多,本文主要从更深层的技术原理角度进行介绍。 二、问题引入 假设现有4个人...
【C++】C++11的std::array的详细剖析
当学习C++的时候,数组是最基本的结构之一,通常通过以下的方式来定义: int a[5]; int *b = new int[5]; 上面一句是在栈上定义了一个长度为5的数组,下面一句是在堆上定义了一个长度为5的数组,并用一个指针指向它。 在C++11中,引入了一种新的数组定义方式std::array。 std::array的特性 std::array是具有固定大小的数组。因此,它并不支持添加...
Python 基础(一):入门必备知识
Python 入门必备知识,你都掌握了吗?
程序员接私活怎样防止做完了不给钱?
首先跟大家说明一点,我们做 IT 类的外包开发,是非标品开发,所以很有可能在开发过程中会有这样那样的需求修改,而这种需求修改很容易造成扯皮,进而影响到费用支付,甚至出现做完了项目收不到钱的情况。 那么,怎么保证自己的薪酬安全呢? 我们在开工前,一定要做好一些证据方面的准备(也就是“讨薪”的理论依据),这其中最重要的就是需求文档和验收标准。一定要让需求方提供这两个文档资料作为开发的基础。之后开发...
Python十大装B语法
Python 是一种代表简单思想的语言,其语法相对简单,很容易上手。不过,如果就此小视 Python 语法的精妙和深邃,那就大错特错了。本文精心筛选了最能展现 Python 语法之精妙的十个知识点,并附上详细的实例代码。如能在实战中融会贯通、灵活使用,必将使代码更为精炼、高效,同时也会极大提升代码B格,使之看上去更老练,读起来更优雅。
数据库优化 - SQL优化
以实际SQL入手,带你一步一步走上SQL优化之路!
2019年11月中国大陆编程语言排行榜
2019年11月2日,我统计了某招聘网站,获得有效程序员招聘数据9万条。针对招聘信息,提取编程语言关键字,并统计如下: 编程语言比例 rank pl_ percentage 1 java 33.62% 2 cpp 16.42% 3 c_sharp 12.82% 4 javascript 12.31% 5 python 7.93% 6 go 7.25% 7 p...
写了很久,这是一份最适合/贴切普通大众/科班/非科班的『学习路线』
说实话,对于学习路线这种文章我一般是不写的,大家看我的文章也知道,我是很少写建议别人怎么样怎么样的文章,更多的是,写自己的真实经历,然后供大家去参考,这样子,我内心也比较踏实,也不怕误导他人。 但是,最近好多人问我学习路线,而且很多大一大二的,说自己很迷茫,看到我那篇 普普通通,我的三年大学 之后很受激励,觉得自己也能行,(是的,别太浪,你一定能行)希望我能给他个学习路线,说...
腾讯算法面试题:64匹马8个跑道需要多少轮才能选出最快的四匹?
昨天,有网友私信我,说去阿里面试,彻底的被打击到了。问了为什么网上大量使用ThreadLocal的源码都会加上private static?他被难住了,因为他从来都没有考虑过这个问题。无独有偶,今天笔者又发现有网友吐槽了一道腾讯的面试题,我们一起来看看。 腾讯算法面试题:64匹马8个跑道需要多少轮才能选出最快的四匹? 在互联网职场论坛,一名程序员发帖求助到。二面腾讯,其中一个算法题:64匹...
面试官:你连RESTful都不知道我怎么敢要你?
干货,2019 RESTful最贱实践
为啥国人偏爱Mybatis,而老外喜欢Hibernate/JPA呢?
关于SQL和ORM的争论,永远都不会终止,我也一直在思考这个问题。昨天又跟群里的小伙伴进行了一番讨论,感触还是有一些,于是就有了今天这篇文。 声明:本文不会下关于Mybatis和JPA两个持久层框架哪个更好这样的结论。只是摆事实,讲道理,所以,请各位看官勿喷。 一、事件起因 关于Mybatis和JPA孰优孰劣的问题,争论已经很多年了。一直也没有结论,毕竟每个人的喜好和习惯是大不相同的。我也看...
SQL-小白最佳入门sql查询一
不要偷偷的查询我的个人资料,即使你再喜欢我,也不要这样,真的不好;
项目中的if else太多了,该怎么重构?
介绍 最近跟着公司的大佬开发了一款IM系统,类似QQ和微信哈,就是聊天软件。我们有一部分业务逻辑是这样的 if (msgType = "文本") { // dosomething } else if(msgType = "图片") { // doshomething } else if(msgType = "视频") { // doshomething } else { // doshom...
致 Python 初学者
文章目录1. 前言2. 明确学习目标,不急于求成,不好高骛远3. 在开始学习 Python 之前,你需要做一些准备2.1 Python 的各种发行版2.2 安装 Python2.3 选择一款趁手的开发工具3. 习惯使用IDLE,这是学习python最好的方式4. 严格遵从编码规范5. 代码的运行、调试5. 模块管理5.1 同时安装了py2/py35.2 使用Anaconda,或者通过IDE来安装模
“狗屁不通文章生成器”登顶GitHub热榜,分分钟写出万字形式主义大作
一、垃圾文字生成器介绍 最近在浏览GitHub的时候,发现了这样一个骨骼清奇的雷人项目,而且热度还特别高。 项目中文名:狗屁不通文章生成器 项目英文名:BullshitGenerator 根据作者的介绍,他是偶尔需要一些中文文字用于GUI开发时测试文本渲染,因此开发了这个废话生成器。但由于生成的废话实在是太过富于哲理,所以最近已经被小伙伴们给玩坏了。 他的文风可能是这样的: 你发现,
程序员:我终于知道post和get的区别
IT界知名的程序员曾说:对于那些月薪三万以下,自称IT工程师的码农们,其实我们从来没有把他们归为我们IT工程师的队伍。他们虽然总是以IT工程师自居,但只是他们一厢情愿罢了。 此话一出,不知激起了多少(码农)程序员的愤怒,却又无可奈何,于是码农问程序员。 码农:你知道get和post请求到底有什么区别? 程序员:你看这篇就知道了。 码农:你月薪三万了? 程序员:嗯。 码农:你是怎么做到的? 程序员:
羞,Java 字符串拼接竟然有这么多姿势
二哥,我今年大二,看你分享的《阿里巴巴 Java 开发手册》上有一段内容说:“循环体内,拼接字符串最好使用 StringBuilder 的 append 方法,而不是 + 号操作符。”到底为什么啊,我平常一直就用的‘+’号操作符啊!二哥有空的时候能否写一篇文章分析一下呢? 就在昨天,一位叫小菜的读者微信我说了上面这段话。 我当时看到这条微信的第一感觉是:小菜你也太菜了吧,这都不知道为啥啊!我估
"狗屁不通文章生成器"登顶GitHub热榜,分分钟写出万字形式主义大作
GitHub 被誉为全球最大的同性交友网站,……,陪伴我们已经走过 10+ 年时间,它托管了大量的软件代码,同时也承载了程序员无尽的欢乐。 万字申请,废话报告,魔幻形式主义大作怎么写?兄dei,狗屁不通文章生成器了解一下。这个富有灵魂的项目名吸引了众人的目光。项目仅仅诞生一周,便冲上了GitHub趋势榜榜首(Js中文网 -前端进阶资源教程)、是榜首哦
推荐几款比较实用的工具,网站
1.盘百度PanDownload   这个云盘工具是免费的,可以进行资源搜索,提速(偶尔会抽风......) 不要去某站买付费的......   PanDownload下载地址   2.BeJSON 这是一款拥有各种在线工具的网站,推荐它的主要原因是网站简洁,功能齐全,广告相比其他广告好太多了     bejson网站   3.二维码美化 这个网站的二维码美化很好看,网站界面
《程序人生》系列-这个程序员只用了20行代码就拿了冠军
你知道的越多,你不知道的越多 点赞再看,养成习惯GitHub上已经开源https://github.com/JavaFamily,有一线大厂面试点脑图,欢迎Star和完善 前言 这一期不算《吊打面试官》系列的,所有没前言我直接开始。 絮叨 本来应该是没有这期的,看过我上期的小伙伴应该是知道的嘛,双十一比较忙嘛,要值班又要去帮忙拍摄年会的视频素材,还得搞个程序员一天的Vlog,还要写BU
程序员把地府后台管理系统做出来了,还有3.0版本!12月7号最新消息:已在开发中有github地址
第一幕:缘起 听说阎王爷要做个生死簿后台管理系统,我们派去了一个程序员…… 996程序员做的梦: 第一场:团队招募 为了应对地府管理危机,阎王打算找“人”开发一套地府后台管理系统,于是就在地府总经办群中发了项目需求。 话说还是中国电信的信号好,地府都是满格,哈哈!!! 经常会有外行朋友问:看某网站做的不错,功能也简单,你帮忙做一下? 而这次,面对这样的需求,这个程序员
网易云6亿用户音乐推荐算法
网易云音乐是音乐爱好者的集聚地,云音乐推荐系统致力于通过 AI 算法的落地,实现用户千人千面的个性化推荐,为用户带来不一样的听歌体验。 本次分享重点介绍 AI 算法在音乐推荐中的应用实践,以及在算法落地过程中遇到的挑战和解决方案。 将从如下两个部分展开: AI 算法在音乐推荐中的应用 音乐场景下的 AI 思考 从 2013 年 4 月正式上线至今,网易云音乐平台持续提供着:乐屏社区、UGC
8年经验面试官详解 Java 面试秘诀
    作者 | 胡书敏 责编 | 刘静 出品 | CSDN(ID:CSDNnews) 本人目前在一家知名外企担任架构师,而且最近八年来,在多家外企和互联网公司担任Java技术面试官,前后累计面试了有两三百位候选人。在本文里,就将结合本人的面试经验,针对Java初学者、Java初级开发和Java开发,给出若干准备简历和准备面试的建议。   Java程序员准备和投递简历的实
面试官如何考察你的思维方式?
1.两种思维方式在求职面试中,经常会考察这种问题:北京有多少量特斯拉汽车? 某胡同口的煎饼摊一年能卖出多少个煎饼? 深圳有多少个产品经理? 一辆公交车里能装下多少个乒乓球? 一
相关热词 c#处理浮点数 c# 生成字母数字随机数 c# 动态曲线 控件 c# oracle 开发 c#选择字体大小的控件 c# usb 批量传输 c#10进制转8进制 c#转base64 c# 科学计算 c#下拉列表获取串口
立即提问