NutzCN Logo
问答 在nutzwk里ShiroFilter之前在加一个filter,做登录(SecurityUtils.getSubject().login(captchaToken))时报错!
发布于 2752天前 作者 wendal 3423 次浏览 复制 上一个帖子 下一个帖子
标签: nutzwk

逻辑初衷,想在微信端通过1次绑定号码后,以后每次进来,获取openid后做一个自动登录。
在ShiroFilter之前加入WxLoginFilter。调用

SecurityUtils.getSubject().login(captchaToken);

但请求页面时报错。

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
	org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
	org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627)
	org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
	cn.greetrend.qz.base.filter.WxLoginFilter.doFilter(WxLoginFilter.java:63)

请问,这个问题有没有方式解决。或者有更好的思路?

15 回复

web.xml里面的?

在web.xml里ShiroFilter上面,加入WxLoginFilter。但是在WxLoginFilter.java类里调用

SecurityUtils.getSubject().login(captchaToken);

时报错

因为我这边不做登录的话,等WxLoginFilter过度到ShiroFilter时,也会出现未登录情况,而导致页面跳转

你用shiro.ini做了基于路径的权限配置?

没有。没动shiro.ini。

nutzwk的基本配置都没动过

只是想在页面进入最初,做登录。微信进入页面时才好通过 controller 的@RequiresPermissions判断

放在ShiroFilter和NutFilter之间应该ok吧?

放在ShiroFilter和NutFilter中间也有问题。
Mvcs.getIoc()为空

[WARN ] 2017-06-12 09:43:12,936 org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:216) - Authentication failed for token submission [cn.wizzer.framework.shiro.token.CaptchaToken - superadmin, rememberMe=false (127.0.0.1)].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
java.lang.NullPointerException
	at cn.wizzer.app.web.commons.shiro.realm.PlatformAuthorizingRealm.getUserService(PlatformAuthorizingRealm.java:43)
	at cn.wizzer.app.web.commons.shiro.realm.PlatformAuthorizingRealm.doGetAuthenticationInfo(PlatformAuthorizingRealm.java:76)
	at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
	at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
	at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
	at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
	at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
	at cn.greetrend.qz.base.filter.WxLoginFilter.doFilter(WxLoginFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at cn.wizzer.app.web.commons.filter.RouteFilter.doFilter(RouteFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
	at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
	at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
	at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
	at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
	at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
	at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2521)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2510)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

请问,

new NutIoc(new ComboIocLoader("*anoo"))

这个中的new ComboIocLoader 参数,到底是类名?还是包路径或者其他的?,我这里写不对呢。。

不要new啊!!!!!

Ioc ioc = Mvcs.ctx().getDefaultIoc();

对应微信菜单配置是:链接类型-->应用Oauth2.0

感谢2位,问题已经解决了

Ioc ioc = Mvcs.ctx().getDefaultIoc();
添加回复
请先登陆
回到顶部