Hi, Im not an expert but i wanted to give you a quick reply. I think its in the webFilter. But it depends of your configuration.
take a look at http://shiro.apache.org/webapp-tutorial.html you should have something like this in your web.xml 1b: Enable Shiro in web.xml While we have a shiro.ini configuration, we need to actually *load* it and start a new Shiro environment and make that environment available to the web application. We do all of this by adding a few things to the existing src/main/webapp/WEB-INF/web.xml file: <listener> <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> </listener> <filter> <filter-name>ShiroFilter</filter-name> * <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>* </filter> <filter-mapping> <filter-name>ShiroFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> <dispatcher>ERROR</dispatcher> </filter-mapping> On Thu, Aug 11, 2016 at 12:19 PM, 张云 <[email protected]> wrote: > hi,all > I use shiro with spring and configure ShiroFilterFactoryBean without > any customized filters. > I set the filterChainDefinition: > > /sys/menu = user > > When I access the url, I think it will redirect me to loginUrl. But he > pass the request and throw the exception where SecurityUtils.getSubject is > called. > > I step into the call, and find the exception is thrown by the ThreadContex. > getSecurityManager. > > I want to know where the security manager is bound to ThreadContex? Or if > I made a wrong configuration? > > Thx. > > 发自 网易邮箱大师 <http://u.163.com/signature> > > >
