Springboot-shiro: This subject is anonymous - it does not have any identifying principals and

最新推荐文章于 2024-06-13 14:20:56 发布
原创 最新推荐文章于 2024-06-13 14:20:56 发布 · 2.1w 阅读 · 3 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#shiro #springboot

本文介绍在SpringBoot项目中整合Shiro进行权限控制的方法,重点讲解如何使用@RequiresPermissions注解实现接口访问权限限制,并自定义异常处理机制,以优雅地返回未授权信息。

问题:

spingboot 项目整合shiro 后, 通过注解 @RequirePermissions来进行权限控制 

    @ResponseBody
    @RequestMapping(value = "/detail", method = RequestMethod.POST)
    @RequiresPermissions("sys:msg:list")
    public ResultEntity detail(Long userId) {
        // ... 
        return ResultEntity.ok();
    }

在未登陆的情况下, 访问接口会抛出异常:

This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed ..

 

解决:

上述异常抛出后, 我们可以使用自定义的拦截器来处理抛出的异常 ; 在自定义异常中 可以自定义返回信息给调用方;

    @ExceptionHandler(AuthorizationException.class)
    public ResultEntity handleAuthorizationException(AuthorizationException e){
        log.error(e.getMessage(), e);
        return ResultEntity.error("请联系管理员授权后,登陆操作");
    }

参考: https://blog.youkuaiyun.com/fly_leopard/article/details/53318492

关于shiro授权 This subject is anonymous - it does not have any identifying principals and authorization
m0_49359842的博客
01-17 4855
在进行shiro前后分离授权时,报错如下。 This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful
Spring Boot学习笔记(二十)Spring Boot MockMvc集成测试
Stephanie17395的博客
10-30 652
Spring Boot MockMvc集成测试 Web 测试 Spring Boot 提供了 MockMvc 工具类,非常方便对 Web 层进行验证,引入了 MockMvc 支持了对Controller 层的测试 数据库 数据库:android,数据表 user 新建项目 pom.xml <?xml version="1.0" encoding="UTF-8"?> &...
shiro报错
weixin_45049852的博客
06-08 1617
This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be e
This subject is anonymous - it does not have any identifying principals and authorization operations
烤鸭的世界我们不懂。
04-17 1万+
大家好,我是烤鸭: 最近使用shiro,遇到如下问题: 严重: Servlet.service() for servlet [dispatcherServlet] in context with path [/etc] threw exception [Request processing failed; nested exception is org.apache.shiro.aut...
Shrio : This subject is anonymous - it does not have any identifying principals and
t0m的专栏
11-24 1万+
使用shrio,集成到springmvc后,访问带有@RequirePermission注解的方法,This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check ag...
java查看源码导入包-springboot-shiro:Springboot+shiro权限管理。这或许是流程最详细、代码最干净、配置最简单
06-05
java查看源码导入包 springboot-shiro 项目介绍 Springboot + shiro权限管理。这或许是流程最详细、代码最干净、配置最简单的shiro上手项目了。 开发环境 工具 版本或描述 ...shiro-core ...shiro-admi
精选资源
SpringBoot-Shiro-Vue:提供一套基于Spring Boot-Shiro-Vue的权限管理思路.前后端都加以控制,做到按钮接口级别的权限
05-11
提供一套基于SpringBoot-shiro-vue的权限管理思路. 前后端都加以控制,做到按钮/接口级别的权限 DEMO admin/123456 管理员身份登录,可以新增用户,角色. 角色可以分配权限 控制菜单是否显示,新增/删除按钮是否显示 ...
springboot-shiro:纯净版,需开启本地redis服务
05-18
Shiro的核心依赖包括`org.apache.shiro:shiro-spring`,而Redis的连接管理依赖于`org.springframework.boot:spring-boot-starter-data-redis`。 2. 配置Shiro:在SpringBoot的配置文件(application.properties或...
springboot-shiro
10-18
SpringBootShiro构建细粒度动态权限管理系统详解》 在现代Web开发中,权限管理是不可或缺的一部分,尤其对于企业级应用来说更是如此。SpringBoot以其轻量级、便捷的特性,已经成为Java开发的首选框架之一。而...
code: 500 ] This subject is anonymous - it does not have any identifying
YHLSunshine的博客
03-06 1592
使用idea 开发java 项目,前端页面请求 页面中相关的接口时,idea 控制台有报错信息出现,前端请求失败。code: 500 ] This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A
记一次报错 This subject is anonymous
hnxm_ggp的博客
04-18 1187
This subject is anonymous报错
shiro 开放接口后 调用报错: This subject is anonymous
John的博客
04-08 964
shiro 开放接口后 调用报错: This subject is anonymous
解决Shiro 加权限注解失效 或者报错 This subject is anonymous
热门推荐
程序圆的博客
09-12 1万+
报错堆栈 org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals a
chrome88 登录,出org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous
ewwerpm的专栏
02-11 1057
Firefox没问题,换chrome版本就好了,换成chrome78就好了。前台登录看不出问题,后台报错如下: org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject .
使用idea 开发java 项目,使用 @RequiresPermissions(““) 注解为接口设置相应的权限后,重新访问调用该接口的页面,前端页面请求页面中相关的接口时,出现报错信息,前
YHLSunshine的博客
06-13 579
使用idea 开发java 项目,使用 @RequiresPermissions("") 注解为接口设置相应的权限后,重新访问调用该接口的页面,前端页面请求页面中相关的接口时,出现报错信息,前端请求失败。
记一次前后端分离shiro引起的报错
时光依旧的博客
08-03 1069
在进行shiro前后分离授权时,报错如下。 错误内容:This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a suc..
redis-shiro session 共享subject中principal 为空
goodtimeflying的博客
11-25 1971
redis-shiro session共享,登陆后subject中principal 为空 看过我的上一篇文章 redis-shiro session共享,序列化大坑的人,你可能遇到一个新的问题,就是登陆后再去请求的时候,报错This subject is anonymous 具体的错误信息如下: This subject is anonymous - it does not have any identifying principals and authorization operations requi
JWT与Shiro
bhegi_seg的博客
03-26 1619
已经用jwt做好了登录,客户要求用shiro做权限验证,懂一些技术的甲方,真的不好惹哦 JWT 其他文章介绍的也很多了,无非就是将用户的信息(一般包括唯一表示、过期时间等等),结合秘钥,用一定的加密算法进行加密,下次请求的时候就带上这个字符串(一般是在请求头中),服务器对其进行解密,就可以知道是哪个用户了,即有状态了。如果没有该字符串、或者解密失败、或者过期,就相应处理即可。 Shiro 文章: shiro框架详解讲了一大堆,看起来好像不错,但实际结合jwt应用时,就显得一头雾水。 结合github上Spr
org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager. This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again. Because an identity is currently not known due to any of these conditions, authorization is denied.
最新发布
04-27
嗯,用户问的是如何处理Shiro框架中的UnauthenticatedException异常,当用户未登录或身份未验证时出现的。首先,我需要回忆一下Shiro的相关知识,以及之前提供的引用内容。根据引用[2],UnauthenticatedException...
评论 6
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值