Apache Shiro:登录时出现 IllegalArgumentException
Posted
技术标签:
【中文标题】Apache Shiro:登录时出现 IllegalArgumentException【英文标题】:Apache Shiro: IllegalArgumentException upon login 【发布时间】:2014-06-08 13:50:15 【问题描述】:使用 Apache Shiro 时,登录时出现以下异常:
java.lang.IllegalArgumentException:配置错误。配置错误。指定具有属性 [loginUrl] 的对象 [authc],而无需先定义该对象的类。请先指定类属性,例如myObject = fully_qualified_class_name,然后定义其他属性。
shiro.ini
# -----------------------------------------------------------------------------
[main]
authc.loginUrl=/login.xhtml
authc.successUrl=/hello.xhtml
logout.redirectUrl=/hello.xhtml
# Users and their (optional) assigned roles
# username = password, role1, role2, ..., roleN
# -----------------------------------------------------------------------------
[users]
root = secret, admin
guest = guest, guest
# -----------------------------------------------------------------------------
# Roles with assigned permissions
# roleName = perm1, perm2, ..., permN
-----------------------------------------------------------------------------
[roles]
admin = *
schwartz = lightsaber:*
goodguy = winnebago:drive:eagle5
#------------------------------------------------------------------------------
[urls]
/hello.xhtml= authc
控制器
public void login()
Factory<SecurityManager> factory = new IniSecurityManagerFactory();
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser=SecurityUtils.getSubject();
if(!currentUser.isAuthenticated())
UsernamePasswordToken token=new UsernamePasswordToken("root","secret");
token.setRememberMe(true);
try
currentUser.login(token);
catch(UnknownAccountException e)
System.out.println("username is incorrect");
catch (IncorrectCredentialsException e)
System.out.println("password is incorrect");
catch (LockedAccountException e)
System.out.println("account was locked");
catch (AuthenticationException e)
System.out.println("there are some error");
web.xml
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
【问题讨论】:
【参考方案1】:尝试使用PassThruAuthenticationFilter 从控制器执行登录尝试。将此行添加到 shiro.ini:
authc = org.apache.shiro.web.filter.authc.PassThruAuthenticationFilter
接下来,当您从 web.xml 文件启动 Shiro 安全管理器时,可以从 login() 方法中删除以下代码行:
Factory<SecurityManager> factory = new IniSecurityManagerFactory();
SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
请注意,FormAuthenticationFilter 是另一种身份验证过滤器,也有助于处理登录请求。
【讨论】:
以上是关于Apache Shiro:登录时出现 IllegalArgumentException的主要内容,如果未能解决你的问题,请参考以下文章
当shiro做成动态URL管理时出现循环注入BeanCurrentlyInCreationException的问题解决方法
在 apache shiro 中获取令牌提交的异常身份验证失败