[
https://issues.apache.org/jira/browse/SHIRO-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
kretz kuang updated SHIRO-879:
------------------------------
Priority: Major (was: Minor)
> spring boot errorPageFilter is not eligible for getting processed by all
> BeanPostProcessors
> -------------------------------------------------------------------------------------------
>
> Key: SHIRO-879
> URL: https://issues.apache.org/jira/browse/SHIRO-879
> Project: Shiro
> Issue Type: Bug
> Components: Configuration
> Affects Versions: 1.9.0
> Environment: spring boot 2.6.6
> standalone apache-tomcat-9.0.62
> Reporter: kretz kuang
> Priority: Major
> Attachments: Original debugger.png, Original error page.png,
> Original log .png, fixed log.png, fixed debugger.png, fixed error page.png
>
>
> Integration with spring boot 2.6.6, Deployed in standalone Tomcat.
> Inject Bean Map<String, Filter> filterMap, initialize errorPageFilter is too
> early, when build Bean ShiroFilterFactoryBean. Cause BasicErrorController
> injection failure, unable to add default error handling path /error.
> The reason is that ErrorPageFilter is not processed by
> ErrorPageRegistrarBeanPostProcessor.
> Fix it like this:
> change class AbstractShiroWebFilterConfiguration
> {code:java}
> @Autowired(required = false)
> protected Map<String, Filter> filterMap;{code}
> to
> {code:java}
> @Autowired(required = false)
> @Qualifier("shiroFilters")
> protected Map<String, Filter> filterMap;{code}
> It's just that we need to qualify name as shiroFilters in custom filters.
> {code:java}
> @Bean
> public Map<String, Filter> shiroFilters(AuthorizationManager
> authorizationProvider) {
> Map<String, Filter> filters = new HashMap<>();
> filters.put("authc", new CaptchaFormAuthenticationFilter());
> filters.put("perms", new UrlAuthorizationFilter(authorizationProvider));
> return filters;
> }{code}
> At present, I give up using ShiroWebFilterConfiguration and configure
> ShiroFilterFactoryBean separately.
> The complete configuration is as follows :
> {code:java}
> @Configuration
> @ConditionalOnProperty(name = "shiro.web.enabled", matchIfMissing = true)
> public class ShiroWebFilterConfiguration {
>
> @Autowired
> protected SecurityManager securityManager;
> @Autowired
> protected ShiroFilterChainDefinition shiroFilterChainDefinition;
> @Autowired(required = false)
> @Qualifier("shiroFilters")
> protected Map<String, Filter> filterMap;
> @Value("#{ @environment['shiro.loginUrl'] ?: '/login.jsp' }")
> protected String loginUrl;
> @Value("#{ @environment['shiro.successUrl'] ?: '/' }")
> protected String successUrl;
> @Value("#{ @environment['shiro.unauthorizedUrl'] ?: null }")
> protected String unauthorizedUrl;
> protected List<String> globalFilters() {
> return Collections.singletonList(DefaultFilter.invalidRequest.name());
> }
> @Bean
> public ShiroFilterFactoryBean shiroFilterFactoryBean() {
> ShiroFilterFactoryBean filterFactoryBean = new
> ShiroFilterFactoryBean();
> filterFactoryBean.setLoginUrl(loginUrl);
> filterFactoryBean.setSuccessUrl(successUrl);
> filterFactoryBean.setUnauthorizedUrl(unauthorizedUrl);
> filterFactoryBean.setSecurityManager(securityManager);
> filterFactoryBean.setGlobalFilters(globalFilters());
>
> filterFactoryBean.setFilterChainDefinitionMap(shiroFilterChainDefinition.getFilterChainMap());
> filterFactoryBean.setFilters(filterMap);
> return filterFactoryBean;
> }
> {code}
>
> {color:#ff0000}However, using embedded Tomcat will not cause this
> problem{color}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
