Apache shiro 2.1 does not work properly in Tomcat 8 RC 5


【Title】: Apache shiro 2.1 does not work properly in Tomcat 8 RC 5 【Posted】: 2013-11-02 21:17:38 【Question】:

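The application works fine in Tomcat 7.x, but it does not work properly in Tomcat 8 RC5.

I have an Apache Wicket application in which I have configured Apache Shiro 2.1 with a JDBC realm. After the application logs in, on the home page I access the username from the Shiro API with this: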

SecurityUtils.getSubject().getPrincipal().toString();

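This gives a null pointer exception in Apache 8 RC5. Also, the application seems to bypass the Apache Shiro servlet altogether and go directly to the home page, whereas it should go to the login page.

The same works in Apache 7.x.

I have tried various configuration options in the Shiro INI to solve this, but none of them worked.

My Web.xml looks like this: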

<?xml version="1.0" encoding="UTF-8"?>

http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> 客制化

<welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
</welcome-file-list>
  <listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
    <filter>
    <filter-name>ShiroFilter</filter-name>
    <filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
    <init-param>
     <param-name>staticSecurityManagerEnabled</param-name>
     <param-value>true</param-value>
 </init-param>



</filter>


<filter>
    <filter-name>ExpiresFilter</filter-name>
    <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
    <init-param>
        <param-name>ExpiresByType image</param-name>
        <param-value>access plus 1 years</param-value>
    </init-param>
    <init-param>
        <param-name>ExpiresByType text/css</param-name>
        <param-value>access plus 1 years</param-value>
    </init-param>
    <init-param>
        <param-name>ExpiresByType application/javascript</param-name>
        <param-value>access plus 10 years</param-value>
    </init-param>
</filter>

<!--    <filter>
    <filter-name>CacheControl</filter-name>
    <filter-class>com.filter.cache.CacheControl</filter-class>
</filter>-->

<!--    <filter-mapping>
    <filter-name>CacheControl</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>-->
<filter-mapping>
    <filter-name>ShiroFilter</filter-name>
    <url-pattern>/app/*</url-pattern>
</filter-mapping>

<filter-mapping>
    <filter-name>ExpiresFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
</filter-mapping>
<resource-ref>
    <description>DB Connection</description>
    <res-ref-name>jdbc/CUSTOMERIC_DS</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
</resource-ref>
<servlet>
    <servlet-name>ServletAdaptor</servlet-name>
    <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
    <init-param>
        <param-name>javax.ws.rs.Application</param-name>
        <param-value>com.test.rest.MyApplication</param-value>
    </init-param>
</servlet>
<servlet-mapping>
    <servlet-name>ServletAdaptor</servlet-name>
    <url-pattern>/app/rest/*</url-pattern>
</servlet-mapping>




<servlet>
    <description>Atmospherefilter</description>
    <servlet-name>Atmospherefilter</servlet-name>
    <servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
    <init-param>
        <param-name>applicationClassName</param-name>
        <param-value>com.test.testWicketApplication</param-value>
    </init-param>
    <init-param>
        <param-name>configuration</param-name>
        <param-value>development</param-value>
    </init-param>
    <init-param>
        <param-name>org.atmosphere.useWebSocket</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>org.atmosphere.useNative</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>org.atmosphere.cpr.sessionSupport</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>filterMappingUrlPattern</param-name>
        <param-value>/app/w/*</param-value>
    </init-param>
    <init-param>
        <param-name>org.atmosphere.websocket.WebSocketProtocol</param-name>
        <param-value>org.atmosphere.websocket.protocol.EchoProtocol</param-value>
    </init-param>
    <init-param>
        <param-name>org.atmosphere.cpr.broadcastFilterClasses</param-name>
        <param-value>org.apache.wicket.atmosphere.TrackMessageSizeFilter</param-value>
    </init-param>

    <load-on-startup>0</load-on-startup>
    <async-supported>true</async-supported>
</servlet>
<servlet-mapping>
    <servlet-name>Atmospherefilter</servlet-name>
    <url-pattern>/app/w/*</url-pattern>
</servlet-mapping>

<session-config>
    <session-timeout>30</session-timeout>

</session-config>

My Apache Shiro INI looks like this:

             [main]

            jdbcRealm=com.test.JNDIAndSaltAwareJdbcRealm
            jdbcRealm.authenticationQuery = select password, salt from users where username = ?
            jdbcRealm.userRolesQuery = select rolename from roles left outer join users_roles on roles.id = users_roles.roles_id left outer join users on users.id = users_roles.users_id where users.username = ?
            jdbcRealm.permissionsQuery = select permission from permissions left outer join roles_permissions on permissions.id = roles_permissions.permissions_id left outer join roles on roles.id = roles_permissions.roles_id where roles.rolename = ?
            jdbcRealm.permissionsLookupEnabled=true
            #jdbcRealm.authorizationCache=true             



            securityManager.realms = $jdbcRealm

            authc.loginUrl = /app/login.jsp



            ds =  org.apache.tomcat.jdbc.pool.DataSource
            ds.driverClassName = org.apache.derby.jdbc.ClientDriver
            ds.username = test
            ds.password = test                
            ds.url = jdbc:derby://localhost:1527/testdb
            ds.maxActive = 20
            ds.minIdle = 10
            ds.minEvictableIdleTimeMillis = 1000 * 60 * 8
            ds.timeBetweenEvictionRunsMillis  = 1000 * 60 * 10
            ds.removeAbandoned = true
            ds.removeAbandonedTimeout = 600
            jdbcRealm.dataSource = $ds          

            # password hashing specification, put something big for hashIterations
            sha256Matcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
            sha256Matcher.hashAlgorithmName=SHA-256
            sha256Matcher.hashIterations=1

            jdbcRealm.credentialsMatcher = $sha256Matcher

            # *** ENABLE IN PRODUCTION ****               
            #cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
            #securityManager.cacheManager = $cacheManager

            [urls]
            /app/rest/mobile/** = authcBasic
            /app/rest/web/** = authc
            /app/** = authc

            #/* = authc,ssl[8181]                

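【Comments】:

This might be an issue with RC5. Try installing Tomcat again using the zip distribution. Is there any specific need for 8, or would 7 do?

I used the zipped distribution of RC5, as well as the earlier RC3, to test this. I want to use Tomcat 8 mainly because it uses NIO and websockets.

【Answer 1】:

It seems to have been resolved with the latest Tomcat RC8.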
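A static check for the bypass symptom described in the question, as an added example that is not part of the original post: it confirms that every path pattern in the Shiro `[urls]` section is reached by a `<filter-mapping>` of the Shiro filter in web.xml. The function names are hypothetical, the sample input is constructed from the mapping and rules quoted in the question, and the coverage test is a conservative approximation of servlet prefix matching.

```python
import xml.etree.ElementTree as ET

# Constructed sample: only the filter mappings and [urls] rules quoted in the question.
WEB_XML = """<web-app>
  <filter-mapping><filter-name>ShiroFilter</filter-name>
    <url-pattern>/app/*</url-pattern></filter-mapping>
  <filter-mapping><filter-name>ExpiresFilter</filter-name>
    <url-pattern>/*</url-pattern></filter-mapping>
</web-app>"""
SHIRO_INI = """[main]
authc.loginUrl = /app/login.jsp
[urls]
/app/rest/mobile/** = authcBasic
/app/rest/web/** = authc
/app/** = authc
#/* = authc,ssl[8181]
"""

def shiro_url_rules(ini_text):
    """Return the path patterns of the [urls] section, in file order."""
    patterns, section = [], None
    for line in (raw.strip() for raw in ini_text.splitlines()):
        if not line or line.startswith("#"):
            continue  # blank line or commented-out rule
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "urls" and "=" in line:
            patterns.append(line.split("=", 1)[0].strip())
    return patterns

def local(el):
    return el.tag.rsplit("}", 1)[-1]  # tag name without its XML namespace

def filter_patterns(web_xml, filter_name):
    """Return the url-patterns of every filter-mapping for filter_name."""
    found = []
    for m in ET.fromstring(web_xml).iter():
        if local(m) == "filter-mapping" and any(
                local(c) == "filter-name" and (c.text or "").strip() == filter_name for c in m):
            found += [(c.text or "").strip() for c in m if local(c) == "url-pattern"]
    return found

def covered(ant_pattern, servlet_patterns):
    """Conservative check: does a servlet mapping contain the Ant pattern?"""
    literal = ant_pattern.split("*", 1)[0].split("?", 1)[0]  # text before first wildcard
    return any(sp == "/*" or sp == ant_pattern or
               (sp.endswith("/*") and (literal.startswith(sp[:-1]) or ant_pattern == sp[:-2]))
               for sp in servlet_patterns)

def uncovered_rules(web_xml, ini_text, filter_name="ShiroFilter"):
    """Shiro [urls] patterns that no mapping of the Shiro filter reaches."""
    mapped = filter_patterns(web_xml, filter_name)
    return [p for p in shiro_url_rules(ini_text) if not covered(p, mapped)]
```

An empty result from `uncovered_rules(WEB_XML, SHIRO_INI)` rules out a mapping gap as the cause of a bypass.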
