Nutz
  1. 主页/
  2. 问答
NutzCN Logo
问答 第一次尝试使用NB的shiro,现在报错,麻烦指导下
发布于 2104天前 作者 文涛(wentao) 1315 次浏览 复制 上一个帖子 下一个帖子
标签:

没有写任何配置,用的注解


    @At("/login")
    public boolean login() {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new SimpleShiroToken("admin"));
        return true;
    }

    @At("/update")
    @RequiresUser
    public NutMap update(RedisModel redisModel) {
        return new NutMap().setv("msg", "success");
    }

访问update正常拦截了请求,返回的{"ok":false,"msg":"user.require.unauthorized","type":"user.require.unauthorized"}
但访问login则报错,错误信息:

[DEBUG] 18:31:03.787 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:166) - Get 'redisModule'<class iptv.bms.unicom.module.RedisModule>
[WARN ] 18:31:03.789 org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:216) - Authentication failed for token submission [org.nutz.integration.shiro.SimpleShiroToken@4b754e3e].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
java.lang.IllegalStateException: Configuration error:  No realms have been configured!  One or more realms must be present to execute an authentication attempt.
        at org.apache.shiro.authc.pam.ModularRealmAuthenticator.assertRealmsConfigured(ModularRealmAuthenticator.java:161)
        at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:264)
        at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
        at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
        at iptv.bms.unicom.module.RedisModule.login(RedisModule.java:50)
        at iptv.bms.unicom.module.RedisModule$FM$login$8320b131793b2170ef462bce4f9cbdd1.invoke(RedisModule.java)
        at org.nutz.mvc.impl.processor.MethodInvokeProcessor.process(MethodInvokeProcessor.java:31)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.AdaptorProcessor.process(AdaptorProcessor.java:38)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.ActionFiltersProcessor.process(ActionFiltersProcessor.java:58)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.integration.shiro.NutShiroProcessor.process(NutShiroProcessor.java:126)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.ModuleProcessor.process(ModuleProcessor.java:123)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.EncodingProcessor.process(EncodingProcessor.java:27)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.UpdateRequestAttributesProcessor.process(UpdateRequestAttributesProcessor.java:15)
        at org.nutz.mvc.impl.NutActionChain.doChain(NutActionChain.java:44)
        at org.nutz.mvc.impl.ActionInvoker.invoke(ActionInvoker.java:67)
        at org.nutz.mvc.ActionHandler.handle(ActionHandler.java:31)
        at org.nutz.mvc.NutFilter.doFilter(NutFilter.java:202)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
        at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
        at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
        at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
        at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
        at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
        at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:171)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
        at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:215)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
        at org.eclipse.jetty.server.Server.handle(Server.java:531)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:762)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:680)
        at java.lang.Thread.run(Thread.java:748)
[DEBUG] 18:31:03.794 org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:226) - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Sat, 04-Aug-2018 10:31:03 GMT]
[WARN ] 18:31:03.795 org.nutz.mvc.impl.processor.FailProcessor.process(FailProcessor.java:28) - Error@/redis/login/ :
org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.nutz.integration.shiro.SimpleShiroToken@4b754e3e].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
        at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214)
        at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
        at iptv.bms.unicom.module.RedisModule.login(RedisModule.java:50)
        at iptv.bms.unicom.module.RedisModule$FM$login$8320b131793b2170ef462bce4f9cbdd1.invoke(RedisModule.java)
        at org.nutz.mvc.impl.processor.MethodInvokeProcessor.process(MethodInvokeProcessor.java:31)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.AdaptorProcessor.process(AdaptorProcessor.java:38)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.ActionFiltersProcessor.process(ActionFiltersProcessor.java:58)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.integration.shiro.NutShiroProcessor.process(NutShiroProcessor.java:126)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.ModuleProcessor.process(ModuleProcessor.java:123)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.EncodingProcessor.process(EncodingProcessor.java:27)
        at org.nutz.mvc.impl.processor.AbstractProcessor.doNext(AbstractProcessor.java:44)
        at org.nutz.mvc.impl.processor.UpdateRequestAttributesProcessor.process(UpdateRequestAttributesProcessor.java:15)
        at org.nutz.mvc.impl.NutActionChain.doChain(NutActionChain.java:44)
        at org.nutz.mvc.impl.ActionInvoker.invoke(ActionInvoker.java:67)
        at org.nutz.mvc.ActionHandler.handle(ActionHandler.java:31)
        at org.nutz.mvc.NutFilter.doFilter(NutFilter.java:202)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
        at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
        at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
        at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
        at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
        at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
        at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:171)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
        at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:215)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
        at org.eclipse.jetty.server.Server.handle(Server.java:531)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:762)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:680)
        at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.IllegalStateException: Configuration error:  No realms have been configured!  One or more realms must be present to execute an authentication attempt.
        at org.apache.shiro.authc.pam.ModularRealmAuthenticator.assertRealmsConfigured(ModularRealmAuthenticator.java:161)
        at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:264)
        at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
        ... 66 more
12 回复

继承AbstractSimpleAuthorizingRealm,实现个类, 标注@IocBean

哦,那就是按demo里的做一下吧,我试试

嗯, nutzboot里面每个starter都有对应的demo,演示最基本的功能

可以了,谢谢!

如果我在AbstractSimpleAuthorizingRealm里面,给用户只设置一个权限

auth.addStringPermission("user:list");

然后在方法上分别添加注解

@RequiresPermissions("user:add")
@RequiresPermissions("user:delete")
@RequiresPermissions("user:get")
@RequiresPermissions("user:list")

那么我这个用户就只能调用list,其他的都无权访问吧

RequiresPermissions默认是AND, 可以配置成OR

@wendal 现在如果没有登录,会返回 {"ok":false,"msg":"user.require.unauthorized","type":"user.require.unauthorized"}
请问这个返回值可以自定义吗?

NutShiro类

恩,在源码里发现ResponseHeader里写了一条loginStatus,通过这个判断确实很不错,感谢!

不过我发现在未登录状态,loginStatus是accessDenied, 但返回确是user.require.unauthorized,是不是不太对?

好像没啥问题吧, 单词不合适?

我看了NutShiroProcessor.java的注解
loginStatus=accessDenied 登录超时
loginStatus=unauthorized 没有权限

添加回复
请先登陆
回到顶部