在springboot+shiro 权限认证时报错
方案1(不行的话就用方案2):
用户在没有权限的情况下,访问页面,shiro根据没有权限本抛出Subject does not have permission [xxxxx]错误,可以在拦截器一个错误处理方式,统一异常处理,没有权限就进入统一页面
shiroFilterFactoryBean.setUnauthorizedUrl("url");
方案2:在unauthorizedUrl 不起作用的情况下
2.1、设置自定义的异常解析器
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.web.servlet.HandlerExceptionResolver;
import org.springframework.web.servlet.ModelAndView;public class DiyExceptionHandler implements HandlerExceptionResolver {
@Override
public ModelAndView resolveException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) {
if (e instanceof UnauthorizedException) { // 未授权 : 403页面
ModelAndView mv = new ModelAndView("/403");
return mv;
} else if (e instanceof UnauthenticatedException) { // 未登录 : 401登录页面
ModelAndView mv = new ModelAndView("/login");
return mv;
}
return null;
}
}
2.2、在启动类注册统一处理异常bean
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import t.annotation.Bean;import com.***.***.config.DiyExceptionHandler;
@SpringBootApplication
public class DemoApplication {public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
// 注册统一异常处理bean
@Bean
public DiyExceptionHandler diyExceptionHandler() {
return new DiyExceptionHandler ();
}
}
本文发布于:2024-02-04 17:36:27,感谢您对本站的认可!
本文链接:https://www.4u4v.net/it/170712746057857.html
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系,我们将在24小时内删除。
| 留言与评论(共有 0 条评论) |
