shiro配合aop会出现的问题

今天碰到一个有趣的问题,当在shiro配合filter鉴定token后,在控制层
加上@RequireRoles是没有问题的,
但是今天心血来潮,想加一个aop看日志输出,
但是加完之后就报错了:

   : This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager.  This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.

org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager.  This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.

报错提醒我好像是subject shiro的用户主体变为了匿名,
它说在使用login方法之后,shiro会将用户信息放入subject,跟rememberme也有关。
但是调整了一下发现问题好像依旧存在,
新把代码改为分支代码,加入aop,出问题,随即删除aop类,
重新编译运行,居然问题还在,我的天啊!

posted @ 2022-01-29 19:31  ukyo--夜王  阅读(895)  评论(2编辑  收藏  举报