Apache shiro 2.1在Tomcat 8 RC 5中无法正常工作
[英]Apache shiro 2.1 does not work properly in Tomcat 8 RC 5
问题描述
The application works fine in tomcat 7.x but not in tomcat 8 RC5 
该应用程序在tomcat 7.x中工作正常,但在tomcat 8 RC5中却无法正常工作
I have an Apache wicket application where I have configured Apache Shiro 2.1 with JDBC realm. 我有一个Apache wicket应用程序,其中已使用JDBC领域配置了Apache Shiro 2.1。 After the application logs in, on the home page i access the the username from the Shiro API with this 应用程序登录后,在主页上,我以此访问Shiro API的用户名
SecurityUtils.getSubject().getPrincipal().toString();
this gives an null pointer exception in Apache 8 RC5. 这在Apache 8 RC5中给出了空指针异常。 Also it seems the application bypasses the apache shiro servlet all together and directly goes to the Homepage, whereas it should go to the login page. 同样,该应用程序似乎一起绕过了apache shiro servlet,直接进入了首页,而应该进入了登录页面。
The same works fine in Apache 7.x. 在Apache 7.x中同样可以正常工作。
I have tried various configuration options in Shiro INI to fix this , but none of them worked. 我已尝试在Shiro INI中使用各种配置选项来解决此问题,但是它们都没有起作用。
my Web.xml looks like this 我的Web.xml看起来像这样
<?xml version="1.0" encoding="UTF-8"?>
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> Customeric http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd“>客户
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
<init-param>
<param-name>staticSecurityManagerEnabled</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>ExpiresFilter</filter-name>
<filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
<init-param>
<param-name>ExpiresByType image</param-name>
<param-value>access plus 1 years</param-value>
</init-param>
<init-param>
<param-name>ExpiresByType text/css</param-name>
<param-value>access plus 1 years</param-value>
</init-param>
<init-param>
<param-name>ExpiresByType application/javascript</param-name>
<param-value>access plus 10 years</param-value>
</init-param>
</filter>
<!-- <filter>
<filter-name>CacheControl</filter-name>
<filter-class>com.filter.cache.CacheControl</filter-class>
</filter>-->
<!-- <filter-mapping>
<filter-name>CacheControl</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>-->
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/app/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ExpiresFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<resource-ref>
<description>DB Connection</description>
<res-ref-name>jdbc/CUSTOMERIC_DS</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
<servlet>
<servlet-name>ServletAdaptor</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>com.test.rest.MyApplication</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>ServletAdaptor</servlet-name>
<url-pattern>/app/rest/*</url-pattern>
</servlet-mapping>
<servlet>
<description>Atmospherefilter</description>
<servlet-name>Atmospherefilter</servlet-name>
<servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
<init-param>
<param-name>applicationClassName</param-name>
<param-value>com.test.testWicketApplication</param-value>
</init-param>
<init-param>
<param-name>configuration</param-name>
<param-value>development</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.useWebSocket</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.useNative</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.sessionSupport</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>filterMappingUrlPattern</param-name>
<param-value>/app/w/*</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.websocket.WebSocketProtocol</param-name>
<param-value>org.atmosphere.websocket.protocol.EchoProtocol</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.broadcastFilterClasses</param-name>
<param-value>org.apache.wicket.atmosphere.TrackMessageSizeFilter</param-value>
</init-param>
<load-on-startup>0</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>Atmospherefilter</servlet-name>
<url-pattern>/app/w/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
and my apache shiro ini looks like this 而我的apache shiro ini看起来像这样
[main]
jdbcRealm=com.test.JNDIAndSaltAwareJdbcRealm
jdbcRealm.authenticationQuery = select password, salt from users where username = ?
jdbcRealm.userRolesQuery = select rolename from roles left outer join users_roles on roles.id = users_roles.roles_id left outer join users on users.id = users_roles.users_id where users.username = ?
jdbcRealm.permissionsQuery = select permission from permissions left outer join roles_permissions on permissions.id = roles_permissions.permissions_id left outer join roles on roles.id = roles_permissions.roles_id where roles.rolename = ?
jdbcRealm.permissionsLookupEnabled=true
#jdbcRealm.authorizationCache=true
securityManager.realms = $jdbcRealm
authc.loginUrl = /app/login.jsp
ds = org.apache.tomcat.jdbc.pool.DataSource
ds.driverClassName = org.apache.derby.jdbc.ClientDriver
ds.username = test
ds.password = test
ds.url = jdbc:derby://localhost:1527/testdb
ds.maxActive = 20
ds.minIdle = 10
ds.minEvictableIdleTimeMillis = 1000 * 60 * 8
ds.timeBetweenEvictionRunsMillis = 1000 * 60 * 10
ds.removeAbandoned = true
ds.removeAbandonedTimeout = 600
jdbcRealm.dataSource = $ds
# password hashing specification, put something big for hasIterations
sha256Matcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
sha256Matcher.hashAlgorithmName=SHA-256
sha256Matcher.hashIterations=1
jdbcRealm.credentialsMatcher = $sha256Matcher
# *** ENABLE IN PRODUCTION ****
#cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
#securityManager.cacheManager = $cacheManager
[urls]
/app/rest/mobile/** = authcBasic
/app/rest/web/** = authc
/app/** = authc
#/* = authc,ssl[8181]
1 个解决方案
解决方案1
0 已采纳 2014-01-15 08:30:23
看起来最新的Tomcat RC8已解决
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Apache Shiro 枚举仍在 Tomcat 上的 memory 中取消部署 - Apache Shiro Enums still in memory on Tomcat undeploy
Apache Shiro是否支持bCrypt? - Does Apache Shiro support bCrypt?
Apache Shiro需要哪些数据库表? - What database tables does Apache Shiro require?
Tomcat重新启动后,Apache Shiro isAuthenticated返回true - Apache Shiro isAuthenticated returns true after Tomcat restart
四郎:怎么记得我的工作? - Shiro: how does remember me work?
类加载器如何在 Apache Tomcat 中部署的 WAR 中工作 - How does class loaders work in a WAR deployed in Apache Tomcat
apache shiro:authc.loginUrl不起作用 - apache shiro: authc.loginUrl doesn't work
Shiro和Tomcat AccessLogValve - Shiro and Tomcat AccessLogValve
使用JNDI配置Tomcat 8和Shiro - Configure Tomcat 8 and Shiro with JNDI
JPA 2.1中的@ConstructorResult映射不适用于Hibernate 4.3.5.Final - @ConstructorResult mapping in JPA 2.1 does not work properly with Hibernate 4.3.5.Final
相关标签