在nutzwk里ShiroFilter之前在加一个filter，做登录(SecurityUtils.getSubject().login(captchaToken))时报错！

逻辑初衷，想在微信端通过1次绑定号码后，以后每次进来，获取openid后做一个自动登录。
在ShiroFilter之前加入WxLoginFilter。调用

SecurityUtils.getSubject().login(captchaToken);

但请求页面时报错。

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
	org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
	org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627)
	org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
	cn.greetrend.qz.base.filter.WxLoginFilter.doFilter(WxLoginFilter.java:63)

请问，这个问题有没有方式解决。或者有更好的思路？

wendal

1楼•2722天前

web.xml里面的？

wendal(qq_85c4d0e8) 2楼•2722天前

在web.xml里ShiroFilter上面，加入WxLoginFilter。但是在WxLoginFilter.java类里调用

SecurityUtils.getSubject().login(captchaToken);

时报错

wendal(qq_85c4d0e8) 3楼•2721天前

因为我这边不做登录的话，等WxLoginFilter过度到ShiroFilter时，也会出现未登录情况，而导致页面跳转

wendal

4楼•2721天前

你用shiro.ini做了基于路径的权限配置？

wendal(qq_85c4d0e8) 5楼•2721天前

没有。没动shiro.ini。

wendal(qq_85c4d0e8) 6楼•2721天前

nutzwk的基本配置都没动过

wendal(qq_85c4d0e8) 7楼•2721天前

只是想在页面进入最初，做登录。微信进入页面时才好通过 controller 的@RequiresPermissions判断

wendal

8楼•2721天前

放在ShiroFilter和NutFilter之间应该ok吧?

wendal(qq_85c4d0e8) 9楼•2720天前

放在ShiroFilter和NutFilter中间也有问题。
Mvcs.getIoc()为空

[WARN ] 2017-06-12 09:43:12,936 org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:216) - Authentication failed for token submission [cn.wizzer.framework.shiro.token.CaptchaToken - superadmin, rememberMe=false (127.0.0.1)].  Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
java.lang.NullPointerException
	at cn.wizzer.app.web.commons.shiro.realm.PlatformAuthorizingRealm.getUserService(PlatformAuthorizingRealm.java:43)
	at cn.wizzer.app.web.commons.shiro.realm.PlatformAuthorizingRealm.doGetAuthenticationInfo(PlatformAuthorizingRealm.java:76)
	at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
	at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
	at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
	at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
	at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
	at cn.greetrend.qz.base.filter.WxLoginFilter.doFilter(WxLoginFilter.java:63)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at cn.wizzer.app.web.commons.filter.RouteFilter.doFilter(RouteFilter.java:31)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
	at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
	at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
	at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
	at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
	at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
	at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2521)
	at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2510)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

wendal

10楼•2720天前

http://nutzam.com/core/ioc/ioc_by_hand.html

按这个改一下

wendal(qq_85c4d0e8) 11楼•2720天前

请问，