springboot 集成shiro 注解失效(不进行授权)解决方案_springboot+shiro+jwt shiro注解不生效-优快云博客

本文链接：https://blog.youkuaiyun.com/qq_43499489/article/details/130619706

该文章展示了如何配置Shiro以启用注解授权，如@RequiresRoles和@RequiresPermissions。通过创建DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisorBean，可以实现权限检查功能。此外，还配置了SimpleMappingExceptionResolver来处理未授权异常，将用户重定向到/unAuth页面。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

/**
* 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions)
* 配置以下两个bean(DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisor)即可实现此功能
* @return
*/

@Bean
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
    DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
    advisorAutoProxyCreator.setProxyTargetClass(true);
    return advisorAutoProxyCreator;
}

@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(){
    AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
    authorizationAttributeSourceAdvisor.setSecurityManager(getDefaultWebSecurityManager(getRealm()));
    return authorizationAttributeSourceAdvisor;
}

@Bean
public SimpleMappingExceptionResolver simpleMappingExceptionResolver() {
    SimpleMappingExceptionResolver resolver = new SimpleMappingExceptionResolver();
    Properties properties = new Properties();
    //未授权的网页跳转至error.html
    properties.setProperty("org.apache.shiro.authz.UnauthorizedException", "/unAuth");
    resolver.setExceptionMappings(properties);
    return resolver;
}