NutzCN Logo
问答 shiro验证出错(not IOException or ServletException as the Filter API recommends)
发布于 5天前 作者 quinnxiao 53 次浏览 复制 上一个帖子 下一个帖子
标签:

我使用UsernamePasswordToken得时候登录没有问题,但是使用SimpleShiroToken登录侯就出现这个错误

DXJ50: 2018-09-14 12:36:22,149 [http-bio-8080-exec-28] DEBUG org.apache.shiro.web.servlet.AdviceFilter - Filter execution resulted in an unexpected Exception (not IOException or ServletException as the Filter API recommends).  Wrapping in ServletException and propagating.
try {
                User user = (User) sr.obj;
//                SecurityUtils.getSubject().login(new UsernamePasswordToken(user.getMobile(),user.getLogPwd()));
                SecurityUtils.getSubject().login(new SimpleShiroToken(user));

                Auth me = new Auth();
                me.id = user.getId();
                me.name = user.getUserName();

                session.removeAttribute(Auth.MANA_KEY);
                session.setAttribute(Auth.MANA_KEY, me);
                session.removeAttribute(AuthService.SK_MOBILE_BIND_CODE);
                session.removeAttribute(AuthService.SK_MOBILE_BIND_PHONE_NO);

            } catch (AuthenticationException e) {
                e.printStackTrace();
                return this.getMsgView(e.getMessage());
            }

package com.hxd.shiro.realm;

import com.hxd.pojo.Permission;
import com.hxd.pojo.Role;
import com.hxd.pojo.User;
import com.hxd.service.impl.AuthService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.nutz.integration.shiro.SimpleShiroToken;
import org.nutz.mvc.Mvcs;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.List;

/**
* Create by quinn on 2018/5/15
*
* @author quinn
* @desc 自定义验证realm
*/
public class UserRealm extends AuthorizingRealm {

private static final Logger log = LoggerFactory.getLogger(UserRealm.class);

public AuthService getAuthService() {
    return Mvcs.getIoc().get(AuthService.class);
}

public UserRealm() {
    this(null, null);
}

public UserRealm(CacheManager cacheManager, CredentialsMatcher matcher) {
    super(cacheManager, matcher);
    // 非常非常重要,与SecurityUtils.getSubject().login是对应关系!!!
    setAuthenticationTokenClass(SimpleShiroToken.class);
}

public UserRealm(CacheManager cacheManager) {
    this(cacheManager, null);
}

public UserRealm(CredentialsMatcher matcher) {
    this(null, matcher);
}

/**
 * 验证用户角色和权限
 *
 * @param collection
 * @return
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection collection) {
    User user = (User) collection.getPrimaryPrincipal();
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

    List<Role> roles = getAuthService().getRoles(user);
    if (roles!=null) {
        for (Role role : roles) {
            info.addRole(role.getName());

            if (role.getPermissions()!=null) {
                for (Permission permission : role.getPermissions()) {
                    info.addStringPermission(permission.getName());
                }
            }
        }
    }

    List<Permission> permissions = getAuthService().getPermissions(user);
    if (permissions!=null) {
        for (Permission permission : permissions) {
            info.addStringPermission(permission.getName());
        }
    }

    return info;
}

/**
 * 验证用户登录
 * @param authenticationToken
 * @return
 * @throws AuthenticationException
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    SimpleShiroToken token = (SimpleShiroToken) authenticationToken;
    User user = (User) token.getPrincipal();
    return new SimpleAccount(user.getId(),user.getLogPwd(),this.getName());
    /*UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
    String username = token.getUsername();
    String password = String.valueOf(token.getPassword());
    return new SimpleAuthenticationInfo(username,password,this.getName());*/
}

/**
 * 覆盖父类的验证,直接pass. 在shiro内做验证的话, 出错了都不知道哪里错
 */
@Override
protected void assertCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) throws AuthenticationException {
}

}
请问这是什么原因呢

4 回复

用"插入代码"按钮呀

贴完整报错信息

没有其它得报错信息了

DXJ50: 2018-09-14 13:44:09,989 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:09,989 [http-bio-8080-exec-40] DEBUG org.nutz.mvc.impl.UrlMappingImpl - Found mapping for [POST] path=/login : AuthController.login(AuthController.java:47)
DXJ50: 2018-09-14 13:44:09,990 [http-bio-8080-exec-40] DEBUG org.nutz.ioc.impl.NutIoc - Get 'manaAuthModule'<class com.hxd.controller.mana.AuthController>
Service Param:["18673196118", "admin123"]
DXJ50: 2018-09-14 13:44:09,995 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.sql.run.NutDaoExecutor - SELECT * FROM user  WHERE mobile=? LIMIT 0, 1 
    |           1 |
    |-------------|
    | 18673196118 |
  For example:> "SELECT * FROM user  WHERE mobile='18673196118' LIMIT 0, 1 "
DXJ50: 2018-09-14 13:44:09,997 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.interceptor.DaoTimeInterceptor - time=2ms, sql=SELECT * FROM user  WHERE mobile='18673196118' LIMIT 0, 1 
DXJ50: 2018-09-14 13:44:09,997 [http-bio-8080-exec-40] INFO  com.hxd.service.impl.AuthService - user md5 password : b2d00f73e0bd70706f5f42ba400e46f3
DXJ50: 2018-09-14 13:44:09,998 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.sql.run.NutDaoExecutor - SELECT COUNT(*) FROM  member_lock where mid= 1 and lockflag=1 and DATE_FORMAT(ctime,'%Y%m%d')='20180914' 
DXJ50: 2018-09-14 13:44:10,000 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.interceptor.DaoTimeInterceptor - time=2ms, sql=SELECT COUNT(*) FROM  member_lock where mid= 1 and lockflag=1 and DATE_FORMAT(ctime,'%Y%m%d')='20180914' 
DXJ50: 2018-09-14 13:44:10,000 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.sql.run.NutDaoExecutor - DELETE FROM member_login_errorlog  WHERE mid=? AND DATE_FORMAT(ctime,'%Y%m%d%H')=?
    | 1 |          2 |
    |---|------------|
    | 1 | 2018091413 |
  For example:> "DELETE FROM member_login_errorlog  WHERE mid=1 AND DATE_FORMAT(ctime,'%Y%m%d%H')='2018091413'"
DXJ50: 2018-09-14 13:44:10,002 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.interceptor.DaoTimeInterceptor - time=1ms, sql=DELETE FROM member_login_errorlog  WHERE mid=1 AND DATE_FORMAT(ctime,'%Y%m%d%H')='2018091413'
DXJ50: 2018-09-14 13:44:10,003 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.sql.run.NutDaoExecutor - INSERT INTO system_logger(ip,method,mid,logger_msg,ctime,sqlstr,sqltype) VALUES(?,?,?,?,?,?,?) 
    |               1 |     2 | 3 |  4 |                   5 |    6 | 7 |
    |-----------------|-------|---|----|---------------------|------|---|
    | 0:0:0:0:0:0:0:1 | login | 1 | 登陆 | 2018-09-14 13:44:10 | NULL | 4 |
  For example:> "INSERT INTO system_logger(ip,method,mid,logger_msg,ctime,sqlstr,sqltype) VALUES('0:0:0:0:0:0:0:1','login',1,'登陆','2018-09-14 13:44:10','NULL',4) "
DXJ50: 2018-09-14 13:44:10,008 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.interceptor.DaoTimeInterceptor - time=5ms, sql=INSERT INTO system_logger(ip,method,mid,logger_msg,ctime,sqlstr,sqltype) VALUES('0:0:0:0:0:0:0:1','login',1,'登陆','2018-09-14 13:44:10','NULL',4) 
DXJ50: 2018-09-14 13:44:10,009 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.sql.run.NutDaoExecutor - DELETE FROM sms_notice  WHERE mobile=? AND actionType=?
    |           1 |         2 |
    |-------------|-----------|
    | 18673196118 | manaLogin |
  For example:> "DELETE FROM sms_notice  WHERE mobile='18673196118' AND actionType='manaLogin'"
DXJ50: 2018-09-14 13:44:10,011 [http-bio-8080-exec-40] DEBUG org.nutz.dao.impl.interceptor.DaoTimeInterceptor - time=2ms, sql=DELETE FROM sms_notice  WHERE mobile='18673196118' AND actionType='manaLogin'
DXJ50: 2018-09-14 13:44:10,057 [http-bio-8080-exec-40] DEBUG org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [1] from doGetAuthenticationInfo
DXJ50: 2018-09-14 13:44:10,058 [http-bio-8080-exec-40] DEBUG org.apache.shiro.realm.AuthenticatingRealm - AuthenticationInfo caching is disabled for info [1].  Submitted token: [org.nutz.integration.shiro.SimpleShiroToken@99c35b].
DXJ50: 2018-09-14 13:44:10,058 [http-bio-8080-exec-40] DEBUG org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.nutz.integration.shiro.SimpleShiroToken@99c35b].  Returned account [1]
DXJ50: 2018-09-14 13:44:10,058 [http-bio-8080-exec-40] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup.
DXJ50: 2018-09-14 13:44:10,059 [http-bio-8080-exec-40] DEBUG org.apache.shiro.mgt.DefaultSecurityManager - Context already contains a session.  Returning.
DXJ50: 2018-09-14 13:44:10,059 [http-bio-8080-exec-40] DEBUG org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map.  Falling back to SecurityUtils.getSecurityManager() lookup.
DXJ50: 2018-09-14 13:44:10,059 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put added 0 on heap
DXJ50: 2018-09-14 13:44:10,060 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap
DXJ50: 2018-09-14 13:44:10,060 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on disk
DXJ50: 2018-09-14 13:44:10,060 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.redis.RedisCache2 - SET key=shiro-activeSessionCache:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,061 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault removed 0 from heap
DXJ50: 2018-09-14 13:44:10,061 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault added 0 on disk
DXJ50: 2018-09-14 13:44:10,063 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.lcache.LCache - fire channel=LCache:shiro-activeSessionCache msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,064 [lcache.pubsub] DEBUG org.nutz.plugins.cache.impl.lcache.CachePubSub - channel=LCache:shiro-activeSessionCache, msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,064 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put added 0 on heap
DXJ50: 2018-09-14 13:44:10,065 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap
DXJ50: 2018-09-14 13:44:10,065 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on disk
DXJ50: 2018-09-14 13:44:10,066 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.redis.RedisCache2 - SET key=shiro-activeSessionCache:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,066 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault removed 0 from heap
DXJ50: 2018-09-14 13:44:10,066 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault added 0 on disk
DXJ50: 2018-09-14 13:44:10,067 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.lcache.LCache - fire channel=LCache:shiro-activeSessionCache msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,068 [lcache.pubsub] DEBUG org.nutz.plugins.cache.impl.lcache.CachePubSub - channel=LCache:shiro-activeSessionCache, msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,068 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Thu, 13-Sep-2018 05:44:10 GMT]
DXJ50: 2018-09-14 13:44:10,069 [http-bio-8080-exec-40] DEBUG org.apache.shiro.mgt.AbstractRememberMeManager - AuthenticationToken did not indicate RememberMe is requested.  RememberMe functionality will not be executed for corresponding account.
DXJ50: 2018-09-14 13:44:10,069 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put added 0 on heap
DXJ50: 2018-09-14 13:44:10,071 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap
DXJ50: 2018-09-14 13:44:10,071 [http-bio-8080-exec-40] DEBUG net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on disk
DXJ50: 2018-09-14 13:44:10,072 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.redis.RedisCache2 - SET key=shiro-activeSessionCache:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,072 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault removed 0 from heap
DXJ50: 2018-09-14 13:44:10,072 [shiro-active%0053ession%0043ache.data] DEBUG net.sf.ehcache.store.disk.Segment - fault added 0 on disk
DXJ50: 2018-09-14 13:44:10,074 [http-bio-8080-exec-40] DEBUG org.nutz.plugins.cache.impl.lcache.LCache - fire channel=LCache:shiro-activeSessionCache msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:10,076 [lcache.pubsub] DEBUG org.nutz.plugins.cache.impl.lcache.CachePubSub - channel=LCache:shiro-activeSessionCache, msg=3t7q4j9f30gtgqv5m57meg1b84:2hum85k4l4hocpjionvb4jjisg
DXJ50: 2018-09-14 13:44:11,093 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,095 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.AdviceFilter - Filter execution resulted in an unexpected Exception (not IOException or ServletException as the Filter API recommends).  Wrapping in ServletException and propagating.
DXJ50: 2018-09-14 13:44:11,098 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,207 [http-bio-8080-exec-34] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,207 [http-bio-8080-exec-38] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,207 [http-bio-8080-exec-39] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,208 [http-bio-8080-exec-34] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,208 [http-bio-8080-exec-39] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:11,208 [http-bio-8080-exec-38] DEBUG org.apache.shiro.web.servlet.SimpleCookie - Found 'sid' cookie value [2hum85k4l4hocpjionvb4jjisg]
DXJ50: 2018-09-14 13:44:18,244 [MyScheduler_QuartzSchedulerThread] DEBUG org.quartz.core.QuartzSchedulerThread - batch acquisition of 0 triggers

那是无解的,要找出具体的报错

查到原因了,在这段代码中,

@Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        SimpleShiroToken token = (SimpleShiroToken) authenticationToken;
        User user = (User) token.getPrincipal();
//        return new SimpleAccount(user.getId(),user.getLogPwd(),this.getName());
        /*UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        String password = String.valueOf(token.getPassword());*/
        return new SimpleAuthenticationInfo(user.getMobile(),user.getLogPwd(),this.getName());
    }

如果我返回SimpleAccount,就会报

DXJ50: 2018-09-14 13:44:11,095 [http-bio-8080-exec-40] DEBUG org.apache.shiro.web.servlet.AdviceFilter - Filter execution resulted in an unexpected Exception (not IOException or ServletException as the Filter API recommends).  Wrapping in ServletException and propagating.

这个错误,但是返回SimpleAuthenticationInfo就不会报错

添加回复
请先登陆
回到顶部