shiro的 @RequiresPermissions 没作用 帮我看看是什么地方出了问题

spring-mvc.xml

 <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="
              http://www.springframework.org/schema/mvc
              http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
              http://www.springframework.org/schema/beans
              http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
              http://www.springframework.org/schema/context
              http://www.springframework.org/schema/context/spring-context-3.0.xsd
              http://www.springframework.org/schema/aop
              http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
              ">

    <!-- 扫描所有的 controller -->
    <context:component-scan base-package="com.aiyoufei.iface" />

    <!-- 启动注解驱动 SpringMVC 功能 -->
    <mvc:annotation-driven />

    <!-- 启动SpringMVC的注解功能，完成请求和注解POJO的映射 -->
    <bean
        class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
        <property name="messageConverters">
            <list>
                <ref bean="jsonMapping" />     <!-- JSON转换器 -->
            </list>
        </property>
    </bean>

    <!--避免IE执行AJAX时，返回JSON出现下载文件 -->
    <bean id="jsonMapping"
        class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
        <property name="supportedMediaTypes">
            <list>
                <value>text/html;charset=gbk</value>
            </list>
        </property>
    </bean>

    <!-- 配置文件上传，如果没有使用文件上传可以不用配置，当然如果不配，那么配置文件中也不必引入上传组件包 -->
    <bean id="multipartResolver"
        class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
        <!-- 默认编码 -->
        <property name="defaultEncoding" value="gbk" />
        <!-- 文件大小最大值 -->
        <property name="maxUploadSize" value="10485760000" />
        <!-- 内存中的最大值 -->
        <property name="maxInMemorySize" value="40960" />
    </bean>

    <!-- 定义跳转的文件的前后缀，视图模式配置 -->
    <bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="prefix" value="/WEB-INF/views/"/>
        <property name="suffix" value=".jsp"/>
    </bean>

    <!--启用shiro注解 -->
    <bean
        class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"
        depends-on="lifecycleBeanPostProcessor">
        <property name="proxyTargetClass" value="true" />
    </bean>


    <bean
        class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager" />
    </bean>
    <!-- shiro为集成springMvc 拦截异常，使用注解时无权限的跳转 -->
    <bean
        class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <!-- 这里你可以根据需要定义N多个错误异常转发 -->
                <prop key="org.apache.shiro.authz.UnauthorizedException">redirect:/unauthorized</prop>
                <prop key="org.apache.shiro.authz.UnauthenticatedException">redirect:/unauthorized</prop>
                <prop key="java.lang.IllegalArgumentException">error/400</prop>  <!-- 参数错误(bizError.jsp) -->
                <prop key="java.lang.Exception">error/500</prop>  <!-- 其他错误为'未定义错误'(unknowError.jsp) -->
            </props>
        </property>
    </bean>

    <!-- 静态资源访问（不拦截此目录下的东西的访问） -->
     <mvc:resources location="/static" mapping="/**"/>



</beans>