现在,我可以正确检查java代码的权限(如下所示):
subject.isPermitted("queryPrinter")
但如果我在注释中进行注释,它就会失败。
@ResponseBody
@RequiresPermissions("test::home")
@RequiresAuthentication
@RequestMapping(value = "/test/permission", method = RequestMethod.POST)
public Object testPermission() {
return PdMDMResultUtil.createSuccess();
}
这是我在applicationContext-shiro.xml中的shiro配置
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager"/>
<property name="loginUrl" value="${sso.server.url}"/>
<property name="successUrl" value="${upms.successUrl}"/>
<property name="unauthorizedUrl" value="${upms.unauthorizedUrl}"/>
<property name="filters">
<util:map>
<entry key="authc" value-ref="upmsAuthenticationFilter"/>
<entry key="permission" value-ref="upmsPermissionsAuthorizationFilter"/>
</util:map>
</property>
<property name="filterChainDefinitions">
<value>
/sso/login = anon
/sso/logout = upmsSessionForceLogout
/sso/** = authc,permission
/** = anon
</value>
</property>
</bean>
<bean id="upmsPermissionsAuthorizationFilter"
class="im.pudong.mdm.client.shiro.filter.UpmsPermissionsAuthorizationFilter"/>
<bean id="upmsAuthenticationFilter" class="im.pudong.mdm.client.shiro.filter.UpmsAuthenticationFilter"/>
<bean id="upmsSessionForceLogout" class="im.pudong.mdm.client.shiro.filter.UpmsSessionForceLogoutFilter"/>
当我调试问题时,我发现debug screenshot pic。它显示了mappedValue
NULL ,但我预计 NOT NULL 。为什么?
public class UpmsPermissionsAuthorizationFilter extends PermissionsAuthorizationFilter {
@Override
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {
return super.isAccessAllowed(request, response, mappedValue);
}
}