NutzCN Logo
问答 nutz-boot-shiro error
发布于 2567天前 作者 Rekoe 2748 次浏览 复制 上一个帖子 下一个帖子
标签:

使用 ``` UsernamePasswordToken token = new UsernamePasswordToken(userName, password);
token.setRememberMe(true);


``` [DEBUG] 15:44:11.435 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'rememberMe' cookie value [exxxOMM+Z6e0vQ5zJllNE+6esgrAqrMBC0qZI6WoAGhI4XvDVDk+e0s7Y8LHs60XlFBgw532K5yyO5/WB9GcE5be7GDBvCGxoVgaPYU6Px+Gnjv8RYZMdx8tgfwB085TtDM8BIZVyvEkjSD7DkkvtzdiOXLxQOwipjp0h3ElgvPCTHb2Q7tABKfKZ7Y0Gu/FJI/bPfPBYhLzbhpzpwRoVyUDdr2wekJcR76a2MSn25xvtda5RhPIXSXzdiUohnRuDhVBqkFw/QF1FsBbrCNwhazG6895LDTgUBoo52jasfO/3k74MtOk81cB8OGGVmX1vGVlCf67zRXY190smvVKVFA9p1X6bHlSYpsSep6c3y1qeYwTFloJh7YVAatbJCpDq4P3q6RelBrRrg4gNLWIfvD9y32XwwI8LlQftYz/ju5i2lHAUBZyU4OREmJHzpn+yEO5/YxQFcnihQw/th53hnN+YQSki5cJsgivRNPX2j5c5MfMJatfF8tOY78xQbxc+NaBjiLZPh2S6mYUn1UwH8JiRDsWiX5/MBDV6mdLO6fEjiL0nQgurTch0xmL4wKhqCQkOU0TLkKqE7hhy3BC86vrx9MJTgCnUHG2zkR+uwZi6V8c8YG+wBY79PleZxfXgO8XCn17g0uePjTOvKEaDRxgF29mhCJNg+kCmyY+WPIbY8iRU1mWbJKPKv5vCu5qPv0DVLZ7ZtofIBg5zNt9Y4v7EvFJ/MxlMdYEaCmokWLvnSfS0d9Vinyg5RF9TMk0arDLzVkoJplB8f8KuVa5CaoefZsZUqSlth6BREsX2bRL8wObuzYvtSHBpe5w15eE2LjBAW1fZStd9GyiA4GUdK/qr4ztk0iG5bhF5LMhr5vdqICiHeTt3r12HkUak+x0zmFbS1W8Ny1SAG3AZianY79QD8qU8cHvcXaKZFBG+y4UGgaALYAL5NnAGKmC90FOlgrLvgHnoOnq37zHAh2VclgXHez+wWgELNG+eWMp1+G8mvI+xZr72I2uVcUjGwAdFddDV8GOq+zw4bbQljXy7ihNQSOz9KloDxKbCr3Zy5cNM7AgUM92dzRz717VYEh/z9pXv+iaw3r/+BasCVPlfsJ8Fh/lP8RihdNu1VuzSxd8QIh/mbCyCFP1ubZ0v9iJEXl9m7ouYMas8vM9xZ9436pJi6eRj6DQsuNmpM1xyxmoAx0L0naWeAXNp9OMpkR0ymoy3BGkMJqzEgjZsbUH3f0p1dhZxx8E6QVgGzn+WbdbqMWuyLK04mJjgNToFNqZ2CT/05oYbGkeCIYSh5/cqWeLzuZq2fWxd+nLk0JRRBO/aixZCMSbuK2Mivll7xuHXXa8kfPxRbNeAH2xWn+DtKPFaJwC3ymDES5ZKV5Bm/NMWgja1EmOdCPNH6B3u/DsnbXnp9dANyZVbblceeYBUPJCklyNBmCrTJFADM47D1IOVOzuGFWdKzG5ST6nMM+l] [DEBUG] 15:44:11.435 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'rememberMe' cookie value [exxxOMM+Z6e0vQ5zJllNE+6esgrAqrMBC0qZI6WoAGhI4XvDVDk+e0s7Y8LHs60XlFBgw532K5yyO5/WB9GcE5be7GDBvCGxoVgaPYU6Px+Gnjv8RYZMdx8tgfwB085TtDM8BIZVyvEkjSD7DkkvtzdiOXLxQOwipjp0h3ElgvPCTHb2Q7tABKfKZ7Y0Gu/FJI/bPfPBYhLzbhpzpwRoVyUDdr2wekJcR76a2MSn25xvtda5RhPIXSXzdiUohnRuDhVBqkFw/QF1FsBbrCNwhazG6895LDTgUBoo52jasfO/3k74MtOk81cB8OGGVmX1vGVlCf67zRXY190smvVKVFA9p1X6bHlSYpsSep6c3y1qeYwTFloJh7YVAatbJCpDq4P3q6RelBrRrg4gNLWIfvD9y32XwwI8LlQftYz/ju5i2lHAUBZyU4OREmJHzpn+yEO5/YxQFcnihQw/th53hnN+YQSki5cJsgivRNPX2j5c5MfMJatfF8tOY78xQbxc+NaBjiLZPh2S6mYUn1UwH8JiRDsWiX5/MBDV6mdLO6fEjiL0nQgurTch0xmL4wKhqCQkOU0TLkKqE7hhy3BC86vrx9MJTgCnUHG2zkR+uwZi6V8c8YG+wBY79PleZxfXgO8XCn17g0uePjTOvKEaDRxgF29mhCJNg+kCmyY+WPIbY8iRU1mWbJKPKv5vCu5qPv0DVLZ7ZtofIBg5zNt9Y4v7EvFJ/MxlMdYEaCmokWLvnSfS0d9Vinyg5RF9TMk0arDLzVkoJplB8f8KuVa5CaoefZsZUqSlth6BREsX2bRL8wObuzYvtSHBpe5w15eE2LjBAW1fZStd9GyiA4GUdK/qr4ztk0iG5bhF5LMhr5vdqICiHeTt3r12HkUak+x0zmFbS1W8Ny1SAG3AZianY79QD8qU8cHvcXaKZFBG+y4UGgaALYAL5NnAGKmC90FOlgrLvgHnoOnq37zHAh2VclgXHez+wWgELNG+eWMp1+G8mvI+xZr72I2uVcUjGwAdFddDV8GOq+zw4bbQljXy7ihNQSOz9KloDxKbCr3Zy5cNM7AgUM92dzRz717VYEh/z9pXv+iaw3r/+BasCVPlfsJ8Fh/lP8RihdNu1VuzSxd8QIh/mbCyCFP1ubZ0v9iJEXl9m7ouYMas8vM9xZ9436pJi6eRj6DQsuNmpM1xyxmoAx0L0naWeAXNp9OMpkR0ymoy3BGkMJqzEgjZsbUH3f0p1dhZxx8E6QVgGzn+WbdbqMWuyLK04mJjgNToFNqZ2CT/05oYbGkeCIYSh5/cqWeLzuZq2fWxd+nLk0JRRBO/aixZCMSbuK2Mivll7xuHXXa8kfPxRbNeAH2xWn+DtKPFaJwC3ymDES5ZKV5Bm/NMWgja1EmOdCPNH6B3u/DsnbXnp9dANyZVbblceeYBUPJCklyNBmCrTJFADM47D1IOVOzuGFWdKzG5ST6nMM+l] [WARN ] 15:44:11.451 org.apache.shiro.mgt.AbstractRememberMeManager.onRememberedPrincipalFailure(AbstractRememberMeManager.java:449) - There was a failure while trying to retrieve remembered principals. This could be due to a configuration problem or corrupted principals. This could also be due to a recently changed encryption key, if you are using a shiro.ini file, this property would be 'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. The remembered identity will be forgotten and not used for this request. [WARN ] 15:44:11.451 org.apache.shiro.mgt.AbstractRememberMeManager.onRememberedPrincipalFailure(AbstractRememberMeManager.java:449) - There was a failure while trying to retrieve remembered principals. This could be due to a configuration problem or corrupted principals. This could also be due to a recently changed encryption key, if you are using a shiro.ini file, this property would be 'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. The remembered identity will be forgotten and not used for this request. [DEBUG] 15:44:11.456 org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:226) - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 11-Dec-2017 07:44:11 GMT] [WARN ] 15:44:11.456 org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:609) - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals(). org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@4b5f92c0]. at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382) at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:482) at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419) at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386) at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604) at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492) at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342) at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148) at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:159) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:541) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1593) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1239) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:481) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1562) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1141) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.Server.handle(Server.java:564) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:672) at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:590) at java.lang.Thread.run(Thread.java:748) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:989) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:845) at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at javax.crypto.Cipher.doFinal(Cipher.java:2165) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459) ... 43 more [DEBUG] 15:44:11.458 org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:226) - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 11-Dec-2017 07:44:11 GMT] [WARN ] 15:44:11.459 org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:609) - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals(). org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@196a589b]. at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382) at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:482) at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419) at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386) at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604) at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492) at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342) at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148) at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:159) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:541) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1593) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1239) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:481) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1562) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1141) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.Server.handle(Server.java:564) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:672) at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:590) at java.lang.Thread.run(Thread.java:748) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:989) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:845) at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at javax.crypto.Cipher.doFinal(Cipher.java:2165) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459) ... 43 more
13 回复

... 都喜欢把User对象放进去的吗?? 为啥都不喜欢存user.id呢...

言归正传, 这是因为Remember对数据长度有限制,而数据来源于授权对象的jdk序列化

https://github.com/Wizzercn/NutzWk/blob/783807580f5b9ce2cc4efef97f582d90275c95df/wk-framework/src/main/java/cn/wizzer/framework/shiro/remember/LightCookieRememberMeManager.java

至于怎么设置, 可以在Setup.init方法内, 获取WebSecurityManager实例,设置之

public void init(NutConfig nc) {
    WebSecurityManager securityManager = nc.getIoc().get(WebSecurityManager.class, "shiroWebSecurityManager");
    securityManager.setRememberMeManager(new LightCookieRememberMeManager(xxxx));
}
// 就是把这段shiro.ini翻译一下
rememberMeCookie = org.apache.shiro.web.servlet.SimpleCookie
rememberMeCookie.name = remember
rememberMeCookie.maxAge = 604800
rememberMeCookie.httpOnly = true
rememberMeManager = cn.wizzer.framework.shiro.remember.LightCookieRememberMeManager
rememberMeManager.cookie = $rememberMeCookie

nutzboot是不是应该默认加上这个呢?来,报个issue吧!

老板说的对 这个要改

@wendal 用最新版的shiro-boot 插件现在还有这个问题
另外 放的不是user对象了 现在放的user.id


[DEBUG] 19:10:21.185 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'sid' cookie value [qgl6l23chmj8rqfkqh1q98lg61] [DEBUG] 19:10:21.186 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'rememberMe' cookie value [JXCX38RCJ1+TjFiEyrGaXxwKo435df0kzAU7kJ3BSfVXgt1GHjQQSC4LrZTK3yQJaCvM6qIqsVhzZltfgBrOd14nxWxlFCO4pagEJan/BsI5Sk4xsneU4F7kHHP3aJ0cjGo4FdHe50Q9QQyflLkqvGc7HmBc7pIN6YXWn0lvsFGIffIQ57U8MufUu7FhrLbyGYjpdZ1G8APJKwJ7hyUNpw==] [DEBUG] 19:10:21.193 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'sid' cookie value [qgl6l23chmj8rqfkqh1q98lg61] [WARN ] 19:10:21.203 org.apache.shiro.mgt.AbstractRememberMeManager.onRememberedPrincipalFailure(AbstractRememberMeManager.java:449) - There was a failure while trying to retrieve remembered principals. This could be due to a configuration problem or corrupted principals. This could also be due to a recently changed encryption key, if you are using a shiro.ini file, this property would be 'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. The remembered identity will be forgotten and not used for this request. [DEBUG] 19:10:21.211 org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:226) - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Fri, 15-Dec-2017 11:10:21 GMT] [WARN ] 19:10:21.212 org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:609) - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals(). org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@7db03590]. at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382) at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:482) at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419) at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386) at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604) at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492) at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342) at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148) at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:159) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:541) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1593) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1239) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:481) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1562) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1141) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.Server.handle(Server.java:564) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:672) at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:590) at java.lang.Thread.run(Thread.java:748) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:989) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:845) at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at javax.crypto.Cipher.doFinal(Cipher.java:2165) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459) ... 43 more [DEBUG] 19:10:21.213 org.nutz.mvc.impl.UrlMappingImpl.get(UrlMappingImpl.java:110) - Search mapping for [GET] path=/image/avatar : NOT Action match [DEBUG] 19:10:21.231 org.apache.shiro.web.servlet.SimpleCookie.readValue(SimpleCookie.java:389) - Found 'rememberMe' cookie value [JXCX38RCJ1+TjFiEyrGaXxwKo435df0kzAU7kJ3BSfVXgt1GHjQQSC4LrZTK3yQJaCvM6qIqsVhzZltfgBrOd14nxWxlFCO4pagEJan/BsI5Sk4xsneU4F7kHHP3aJ0cjGo4FdHe50Q9QQyflLkqvGc7HmBc7pIN6YXWn0lvsFGIffIQ57U8MufUu7FhrLbyGYjpdZ1G8APJKwJ7hyUNpw==] [WARN ] 19:10:21.232 org.apache.shiro.mgt.AbstractRememberMeManager.onRememberedPrincipalFailure(AbstractRememberMeManager.java:449) - There was a failure while trying to retrieve remembered principals. This could be due to a configuration problem or corrupted principals. This could also be due to a recently changed encryption key, if you are using a shiro.ini file, this property would be 'securityManager.rememberMeManager.cipherKey' see: http://shiro.apache.org/web.html#Web-RememberMeServices. The remembered identity will be forgotten and not used for this request. [DEBUG] 19:10:21.232 org.apache.shiro.web.servlet.SimpleCookie.addCookieHeader(SimpleCookie.java:226) - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Fri, 15-Dec-2017 11:10:21 GMT] [WARN ] 19:10:21.232 org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:609) - Delegate RememberMeManager instance of type [org.apache.shiro.web.mgt.CookieRememberMeManager] threw an exception during getRememberedPrincipals(). org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@676fca8e]. at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390) at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382) at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:482) at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419) at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386) at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604) at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492) at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342) at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846) at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148) at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.nutz.mvc.WhaleFilter.doFilter(WhaleFilter.java:159) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1621) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:541) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1593) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1239) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:481) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1562) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1141) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) at org.eclipse.jetty.server.Server.handle(Server.java:564) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124) at org.eclipse.jetty.util.thread.Invocable.invokePreferred(Invocable.java:122) at org.eclipse.jetty.util.thread.strategy.ExecutingExecutionStrategy.invoke(ExecutingExecutionStrategy.java:58) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:201) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:133) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:672) at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:590) at java.lang.Thread.run(Thread.java:748) Caused by: javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:989) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:845) at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at javax.crypto.Cipher.doFinal(Cipher.java:2165) at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459) ... 47 more [DEBUG] 19:10:21.237 org.nutz.mvc.impl.UrlMappingImpl.get(UrlMappingImpl.java:101) - Found mapping for [GET] path=/oauthclient/list : OAuthClientModule.list(OAuthClientModule.java:34) [DEBUG] 19:10:21.237 org.nutz.ioc.impl.NutIoc.get(NutIoc.java:157) - Get 'oAuthClientModule'<class com.rekoe.module.OAuthClientModule>

话说,我写的跟你写是一样的吧。。。

@wendal 我现在用的你写的那个 也就是最新的 ``` nutzboot-starter-shiro ```` 插件
现在报的错误是

  protected byte[] decrypt(byte[] encrypted) {
        byte[] serialized = encrypted;
        CipherService cipherService = getCipherService();
        if (cipherService != null) {
            ByteSource byteSource = cipherService.decrypt(encrypted, getDecryptionCipherKey());
            serialized = byteSource.getBytes();
        }
        return serialized;
    }

这一行 报错

ByteSource byteSource = cipherService.decrypt(encrypted, getDecryptionCipherKey());

貌似和你说的那个原因不匹配

额,因为没有配置密钥?

@wendal
在哪里配置密钥 ?我得瞅瞅

有人这样解决的

http://www.itdadao.com/articles/c15a1279444p0.html

@Rekoe 要不注释掉remebermMe,试试shiro本身的默认值?

嗯好 .我看怎么重现这个问题

@wendal 问题貌似好了
改的的地方:加密算法的问题

@SuppressWarnings("deprecation")
@IocBean(create = "_init")
public class LoginRealm extends AuthorizingRealm {

	@Inject
	private UserService userService;

	// private HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(Sha256Hash.ALGORITHM_NAME);
	private HashedCredentialsMatcher credentialsMatcher = new Sha256CredentialsMatcher();

	@Inject
	private org.apache.shiro.cache.CacheManager shiroCacheManager;

	public void _init() {
		credentialsMatcher.setStoredCredentialsHexEncoded(false);
		credentialsMatcher.setHashIterations(1024);
		credentialsMatcher.setHashSalted(true);
		setCacheManager(shiroCacheManager);
	}
}

有问题的时候用的注视掉的

// private HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher(Sha256Hash.ALGORITHM_NAME);
	

继续关注.未完 待续...
问题还会出现

添加回复
请先登陆
回到顶部