代码拉取完成,页面将自动刷新
jboot 3.9.16,使用了shiro1.7.1,
[ERROR]-[Thread: XNIO-1 task-16]-[io.jboot.web.handler.JbootActionHandler.handle()]: com.quickplan.projectname.web.admin.IndexController.logout() : /admin/logout?RENDERJSON=1&access_token=1
java.lang.IllegalStateException: org.apache.shiro.session.UnknownSessionException: There is no session with id [fff5ec10-24bc-4bae-824d-c2c9a9573e4a]
at org.apache.shiro.web.servlet.ShiroHttpSession.invalidate(ShiroHttpSession.java:236)
at io.jboot.web.session.JbootHttpSession.invalidate(JbootHttpSession.java:185)
at com.quickplan.projectname.helper.AuthorityHelper.logout(AuthorityHelper.java:49)
at com.quickplan.projectname.web.admin.IndexController.logout(IndexController.java:80)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:95)
at io.jboot.support.shiro.JbootShiroInvokeListener$1.onInvokeAfter(JbootShiroInvokeListener.java:64)
at io.jboot.support.shiro.JbootShiroInterceptor.intercept(JbootShiroInterceptor.java:33)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.quickplan.projectname.web.interceptor.AdminLoginInterceptor.intercept(AdminLoginInterceptor.java:42)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.quickplan.projectname.web.interceptor.AdminInterceptor.intercept(AdminInterceptor.java:36)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.jfinal.ext.interceptor.SessionInViewInterceptor.intercept(SessionInViewInterceptor.java:44)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at io.jboot.web.handler.JbootActionHandler.doStartRender(JbootActionHandler.java:161)
at io.jboot.web.handler.JbootActionHandler.handle(JbootActionHandler.java:121)
at io.jboot.web.handler.JbootHandler.doHandle(JbootHandler.java:46)
at io.jboot.web.handler.JbootHandler.handle(JbootHandler.java:36)
at io.jboot.web.attachment.AttachmentHandler.handle(AttachmentHandler.java:38)
at io.jboot.components.gateway.JbootGatewayHandler.handle(JbootGatewayHandler.java:35)
at com.quickplan.common.handler.GlobalHandler.handle(GlobalHandler.java:86)
at com.jfinal.core.JFinalFilter.doFilter(JFinalFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:450)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at io.jboot.support.shiro.JbootShiroFilter.doFilterInternal(JbootShiroFilter.java:70)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:111)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:396)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.shiro.session.UnknownSessionException: There is no session with id [fff5ec10-24bc-4bae-824d-c2c9a9573e4a]
at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.stop(AbstractNativeSessionManager.java:281)
at org.apache.shiro.session.mgt.DelegatingSession.stop(DelegatingSession.java:127)
at org.apache.shiro.session.ProxiedSession.stop(ProxiedSession.java:107)
at org.apache.shiro.subject.support.DelegatingSubject$StoppingAwareProxiedSession.stop(DelegatingSubject.java:423)
at org.apache.shiro.web.servlet.ShiroHttpSession.invalidate(ShiroHttpSession.java:234)
... 71 more
[ERROR]-[Thread: XNIO-1 task-15]-[io.jboot.web.handler.JbootActionHandler.handle()]: com.quickplan.projectname.web.admin.IndexController.logout() : /admin/logout?RENDERJSON=1&access_token=1
java.lang.IllegalStateException: org.apache.shiro.session.UnknownSessionException: There is no session with id [e0b1fc21-c768-4598-86e8-6ffa4e4fe89a]
at org.apache.shiro.web.servlet.ShiroHttpSession.removeAttribute(ShiroHttpSession.java:224)
at io.jboot.web.session.JbootHttpSession.removeAttribute(JbootHttpSession.java:170)
at io.jboot.web.session.JbootHttpSession.setAttribute(JbootHttpSession.java:134)
at com.quickplan.common.helper.CommonHelper.setSession(CommonHelper.java:93)
at com.quickplan.projectname.helper.AuthorityHelper.setSessionAdmin(AuthorityHelper.java:136)
at com.quickplan.projectname.helper.AuthorityHelper.logout(AuthorityHelper.java:50)
at com.quickplan.projectname.web.admin.IndexController.logout(IndexController.java:80)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:95)
at io.jboot.support.shiro.JbootShiroInvokeListener$1.onInvokeAfter(JbootShiroInvokeListener.java:64)
at io.jboot.support.shiro.JbootShiroInterceptor.intercept(JbootShiroInterceptor.java:33)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.quickplan.projectname.web.interceptor.AdminLoginInterceptor.intercept(AdminLoginInterceptor.java:42)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.quickplan.projectname.web.interceptor.AdminInterceptor.intercept(AdminInterceptor.java:36)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at com.jfinal.ext.interceptor.SessionInViewInterceptor.intercept(SessionInViewInterceptor.java:44)
at io.jboot.web.handler.JbootActionInvocation.invoke(JbootActionInvocation.java:88)
at io.jboot.web.handler.JbootActionHandler.doStartRender(JbootActionHandler.java:161)
at io.jboot.web.handler.JbootActionHandler.handle(JbootActionHandler.java:121)
at io.jboot.web.handler.JbootHandler.doHandle(JbootHandler.java:46)
at io.jboot.web.handler.JbootHandler.handle(JbootHandler.java:36)
at io.jboot.web.attachment.AttachmentHandler.handle(AttachmentHandler.java:38)
at io.jboot.components.gateway.JbootGatewayHandler.handle(JbootGatewayHandler.java:35)
at com.quickplan.common.handler.GlobalHandler.handle(GlobalHandler.java:86)
at com.jfinal.core.JFinalFilter.doFilter(JFinalFilter.java:90)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:450)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at io.jboot.support.shiro.JbootShiroFilter.doFilterInternal(JbootShiroFilter.java:70)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:111)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:269)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:133)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:130)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:249)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:78)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:99)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:396)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.shiro.session.UnknownSessionException: There is no session with id [e0b1fc21-c768-4598-86e8-6ffa4e4fe89a]
at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152)
at org.apache.shiro.session.mgt.AbstractNativeSessionManager.removeAttribute(AbstractNativeSessionManager.java:263)
at org.apache.shiro.session.mgt.DelegatingSession.removeAttribute(DelegatingSession.java:159)
at org.apache.shiro.session.ProxiedSession.removeAttribute(ProxiedSession.java:135)
at org.apache.shiro.web.servlet.ShiroHttpSession.removeAttribute(ShiroHttpSession.java:221)
... 74 more
贴下shiro.ini看看
设置基本上是参考jboot-admin
https://gitee.com/rlaxuc/jboot-admin/blob/master/jboot-admin/src/main/resources/shiro.ini
我的shiro.ini
[main]
#密码校验方法
passwordService = org.apache.shiro.authc.credential.DefaultPasswordService
passwordMatcher = org.apache.shiro.authc.credential.PasswordMatcher
passwordMatcher.passwordService = $passwordService
#CredentialsMatcher
#credentialsMatcher=com.quickplan.projectname.shiro.RetryLimitHashedCredentialsMatcher
#credentialsMatcher.hashAlgorithmName=md5
#credentialsMatcher.hashIterations=2
#credentialsMatcher.storedCredentialsHexEncoded=true
##允许的最大密码尝试次数,超过次数以后账户冻结指定时间
#credentialsMatcher.allowRetryCount=10
##超过次数以后账户冻结的时间 单位:秒
#credentialsMatcher.lockedSeconds=3600
#realm
shiroDbRealm = com.quickplan.projectname.shiro.ShiroDbRealm
shiroDbRealm.credentialsMatcher = $passwordMatcher
securityManager.realms = $shiroDbRealm
#sessionId相关设定
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=projectname
#sessionIdCookie.domain=com.quickplancommon.projectname
#sessionIdCookie.path=
#cookie最大有效期,单位秒,默认30天
sessionIdCookie.maxAge=1800
sessionIdCookie.httpOnly=true
#session
sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
#超时时间,单位毫秒,1秒=1000毫秒(30分钟)
sessionManager.globalSessionTimeout = 1800000
sessionManager.sessionIdUrlRewritingEnabled=false
#sessionManager.sessionValidationSchedulerEnabled=false
sessionDAO=com.quickplan.projectname.shiro.MySessionDAO
sessionDAO.activeSessionsCacheName=shiro-active-session
sessionManager.sessionDAO=$sessionDAO
sessionManager.sessionIdCookie=$sessionIdCookie
sessionManager.sessionIdCookieEnabled=true
webSessionListener=com.quickplan.projectname.shiro.MyWebSessionListener
securityManager.sessionManager.sessionListeners = $webSessionListener
subjectFactory=com.quickplan.projectname.shiro.MySubjectFactory
securityManager.subjectFactory=$subjectFactory
#策略
authcStrategy = com.quickplan.projectname.shiro.AnySuccessfulStrategy
securityManager.authenticator.authenticationStrategy = $authcStrategy
#cache
cacheManager = io.jboot.support.shiro.cache.JbootShiroCacheManager
securityManager.cacheManager = $cacheManager
#编码过滤器,处理jboot中使用shiro,post中文乱码问题
character=com.quickplan.projectname.shiro.CharacterEncodingFilter
[urls]
#/** = anon
#/admin/log** = anon
#/admin/** = roles
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
我的shiro.ini 可以参考下@
[main]
shiroCacheManager=io.jboot.support.shiro.cache.JbootShiroCacheManager
rememberMeManager=org.apache.shiro.web.mgt.CookieRememberMeManager
securityManager.cacheManager=$shiroCacheManager
casRealm=security.NXUCasRealm
#casRealm=org.apache.shiro.cas.CasRealm
securityManager.realm=$casRealm
#设置sessionCookie
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=_nothing_
sessionIdCookie.domain=mjl.dev
#sessionIdCookie.path=
#cookie最大有效期,单位秒,默认30天
sessionIdCookie.maxAge=2592000
sessionIdCookie.httpOnly=true
sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.cacheManager=$shiroCacheManager
sessionManager.sessionDAO=$sessionDAO
sessionManager.sessionIdCookie=$sessionIdCookie
sessionManager.sessionIdCookieEnabled=true
sessionManager.sessionIdUrlRewritingEnabled=false
securityManager.sessionManager=$sessionManager
#securityManager.sessionManager=$servletContainerSessionManager
#session过期时间,单位毫秒,默认两天
securityManager.sessionManager.globalSessionTimeout=172800000
1.照搬你的配置之后,会导致登录失败,我的登录流程里会在request.session中存东西,在shiro的Realm中从shiro的session取出再作处理。在你提供的这个配置下,在controler中使用Session.invalidate、Session.removeAttribute方法不会报错。
2.用我的配置,登录逻辑处理一切正常,唯独登出后台的时候会出现本issue的报错。报错之后session中的内容确实清除了,变成未登录状态,我现在临时处理是加try语句包裹
试一下这个ini吧,这个你那边应该能用
[main]
rememberMeManager=org.apache.shiro.web.mgt.CookieRememberMeManager
#realm
casRealm=security.NXUCasRealm
#casRealm=org.apache.shiro.cas.CasRealm
securityManager.realm=$casRealm
#sessionId相关设定
sessionIdCookie=org.apache.shiro.web.servlet.SimpleCookie
sessionIdCookie.name=bszdormitory
#sessionIdCookie.domain=com.quickplancommon.bszdormitory
#sessionIdCookie.path=
#cookie最大有效期,单位秒,默认30天
sessionIdCookie.maxAge=1800
sessionIdCookie.httpOnly=true
#session
sessionManager=org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager
#超时时间,单位毫秒,1秒=1000毫秒(30分钟)
sessionManager.globalSessionTimeout = 1800000
sessionManager.sessionIdUrlRewritingEnabled=false
#sessionManager.sessionValidationSchedulerEnabled=false
sessionDAO=org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO
sessionDAO.activeSessionsCacheName=shiro-active-session
sessionManager.sessionDAO=$sessionDAO
sessionManager.sessionIdCookie=$sessionIdCookie
sessionManager.sessionIdCookieEnabled=true
#cache
cacheManager = io.jboot.support.shiro.cache.JbootShiroCacheManager
securityManager.cacheManager = $cacheManager
@zeroabc ,你是用SecurityUtils获得session的吗?shiro的session要看是哪个sessionmanager,如果我没记错org.apache.shiro.web.session.mgt.ServletContainerSessionManager是httpsession,那就是直接用jboot封装过的session,正常获取就行也有缓存,而
org.apache.shiro.web.session.mgt.DefaultWebSessionManager就是单独的shiro的simplesession,要用SecurityUtils获得�
抱歉电脑坏了,刚修好,现在才回复。是用SecurityUtils.getSubject().getSession(false)获取的,在ShiroDbRealm的登录回调处理里面执行,doGetAuthenticationInfo。正如我前面所说,我的登录流程里会在request.session中存东西,在shiro的Realm中从shiro的session取出再作处理。
登录 后才可以发表评论