我使用shiro-vaadin-integration插件
@WebServlet(urlPatterns = "/*", name = "Test", asyncSupported = true,
initParams = @WebInitParam(name = Constants.I18N_PROVIDER,
value = "com.test.TranslationProvider"))
@VaadinServletConfiguration(productionMode = false)
@Slf4j
public class AppServlet extends VaadinServlet {
@Override
protected void servletInitialized() throws ServletException {
log.info("Init Shiro");
IniRealm iniRealm = new IniRealm("classpath:shiro.ini");
DefaultSecurityManager securityManager = new DefaultSecurityManager(iniRealm);
// SessionDAO sessionDAO = new MemorySessionDAO();
// ((DefaultSessionManager) securityManager.getSessionManager()).setSessionDAO(sessionDAO);
// securityManager.setCacheManager(new MemoryConstrainedCacheManager());
SecurityUtils.setSecurityManager(securityManager);
log.info("Finish Init Shiro");
super.servletInitialized();
}
问题的症结在于登录后。我进入主页。
SecurityUtils.getSubject().isAuthenticated()
返回true。
此外,当尝试在应用程序中导航时。
SecurityUtils.getSubject().isAuthenticated()
返回false。
感觉好像持续了几秒钟
shiro.ini
[main]
authc.loginUrl = /signin
vaadin = org.vaadin.shiro.VaadinNavigationRolesAuthorizationFilter
vaadin.loginUrl = /signin
[users]
admin@admin.com = 1@QWaszx, admin
user = user, user
[roles]
admin = *
user = action1:*
[urls]
/ = anon, vaadin
/signin = anon, vaadin
/signup = anon, vaadin
/forgot-password = anon, vaadin
/reset-password = anon, vaadin
/registration-complete = anon, vaadin
/create-account = anon, vaadin
/payment = anon, vaadin
/environment = authc, vaadin[admin]
/billing = authc, vaadin[admin]
/settings = authc, vaadin[admin]
如果我们在获得授权后快速访问该链接,它将通过。 如果您等待应用程序崩溃