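Shiro: Authorization Control

The points that are easy to overlook are recorded below:

1. Add the following two dependencies, adjusting the versions to match your own environment: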

<dependency>
          <groupId>org.apache.geronimo.bundles</groupId>
          <artifactId>aspectjweaver</artifactId>
          <version>1.6.8_2</version>
</dependency>
<dependency>
          <groupId>org.aspectj</groupId>
          <artifactId>aspectjrt</artifactId>
          <version>1.8.10</version>
</dependency>

2. Register these two beans:

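  // Imports needed at the top of the configuration class that holds these methods.
  // Import Shiro's SecurityManager explicitly; otherwise the name resolves to java.lang.SecurityManager.
  import java.util.Properties;
  import org.apache.shiro.mgt.SecurityManager;
  import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
  import org.springframework.context.annotation.Bean;
  import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;

  /**
   * Enables dynamic interception for annotation-based authorization; without it, doGetAuthenticationInfo is not executed.
   * 
   * @param securityManager
   * @return
   */
  @Bean
  public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
    AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
    authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
    return authorizationAttributeSourceAdvisor;
  }

  /**
   * Error handling for failed authorization (403); without this bean there is no redirect to the 403 page.
   * 
   * @return
   */
  @Bean
  public SimpleMappingExceptionResolver getSimpleMappingExceptionResolver() {
    SimpleMappingExceptionResolver simpleMappingExceptionResolver = new SimpleMappingExceptionResolver();
    Properties mappings = new Properties();
    // Map Shiro's "permission denied" exception to the 403 view.
    mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/error/403");
    simpleMappingExceptionResolver.setExceptionMappings(mappings);
    return simpleMappingExceptionResolver;
  }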

Done!

At this point, executing the following code redirects to the 403 page:

@RequiresPermissions("user:test")
@GetMapping("/test")
public String test() {
  String strResult = "/test";
  return strResult;
}
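
The check behind @RequiresPermissions is Subject.checkPermission, and it raises two different exceptions: UnauthorizedException for a logged-in user who lacks the permission, and UnauthenticatedException (a sibling class that the mapping above does not name) for a subject with no identity. The standalone program below is an added example, not code from the original post; it assumes shiro-core on the classpath, and the class names, users and password are made up for illustration.

```java
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.*;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

public class PermissionCheckDemo {
    // Constructed realm: every user logs in with "secret"; only alice holds user:test.
    static class DemoRealm extends AuthorizingRealm {
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
            return new SimpleAuthenticationInfo(token.getPrincipal(), "secret", getName());
        }

        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
            if ("alice".equals(principals.getPrimaryPrincipal())) {
                info.addStringPermission("user:test");
            }
            return info;
        }
    }

    // Performs the same permission check the annotation triggers and reports the outcome.
    static String check(Subject subject) {
        try {
            subject.checkPermission("user:test");
            return "permitted";
        } catch (UnauthorizedException e) {
            return "UnauthorizedException";   // authenticated, permission missing
        } catch (UnauthenticatedException e) {
            return "UnauthenticatedException"; // no identity at all
        }
    }

    static Subject login(DefaultSecurityManager sm, String user) {
        Subject subject = new Subject.Builder(sm).buildSubject();
        subject.login(new UsernamePasswordToken(user, "secret"));
        return subject;
    }

    public static void main(String[] args) {
        DefaultSecurityManager sm = new DefaultSecurityManager(new DemoRealm());
        System.out.println("alice: " + check(login(sm, "alice")));
        System.out.println("bob: " + check(login(sm, "bob")));
        System.out.println("anonymous: " + check(new Subject.Builder(sm).buildSubject()));
    }
}
```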


Original article: https://www.cnblogs.com/huiy/p/7704199.html