https://www.myziyuan.com/
- 111
- JSP中直接引用Shiro标签比较简单可以参考JSP / GSP 标签库-Shiro权限学习1:http://blog.csdn.net/ahou2468/article/details/71130582JS中引用Shiro的标签不起作用的问题解决方法:1.第一种情况假如js中生成标签代码是固定死的解决起来比较容易,直接在需要权限判断标签前和后加上权限控制标签,即可以起作用<divid="leftnav"class="site-text"lay-filter="left"></div><scripttype="text/javascript">var ulHtml;ulHtml += '<shiro:hasRole name="999999">'ulHtml += '<i class="layui-icon" data-icon="' + data[i].children[j].icon +'">' + data[i].children[j].icon +'</i>';ulHtml +='</shiro:hasRole>'$('#leftnav').html(ulHtml);</script>,但是假如Shiro标签name参数使动态传进去的则Shiro标签作用失效了,会导致是Shiro标签中所的html标签不管有没有权限都不显示,事例:<div id="leftnav" class="site-text" lay-filter="left"></div><script type="text/javascript">var ulHtml;var name = "999999";ulHtml += '<shiro:hasRole name="'+name+'">'ulHtml += '<i class="layui-icon" data-icon="' + data[i].children[j].icon + '">' + data[i].children[j].icon + '</i>';ulHtml +='</shiro:hasRole>'$('#leftnav').html(ulHtml);</script>这种情况我的解决方案是,在后台查询到用户的权限数据时直接放到Session中,js中不通过Shiro标签判断而是自己通过获取权限的url动态判断/*** Shiro身份认证+授权 重写**/public class SampleRealm extends AuthorizingRealm{/*** 授权处理*/@Overrideprotected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollectionprincipals) {Long userId = TokenManager.getUserId();SimpleAuthorizationInfoinfo =new SimpleAuthorizationInfo();//根据用户ID查询角色和权限,放入到Authorization里。Set<String> roles = roleService.findRoleByUserId(userId);info.setRoles(roles);//根据用户ID查询权限(permission),放入到Authorization里Set<String> permissions = permissionService.findPermissionByUserId(userId);info.setStringPermissions(permissions);//权限数据时直接放到Session中TokenManager.setVal2Session("permissions", permissions);returninfo;}JS中可以通过Session中获取权限数据var pers = '<%=session.getAttribute("permissions")%>';//将权限数据数组进行分割转为字符串数组,然后循环判断是否你访问的url元素在授权中,若在授权中动态生成html标签则显示,否则则隐藏掉var resultpers = pers.replace('[','').replace(']','').split(',');
- 2021-02-24 09:50:01
- 苹果cms
- 解决方法:1、mvcnone_authority2、web.xml 500 /error.jsp 原因:shiro的源代码ShiroFilterFactoryBean.java[java] view plaincopyprivate void applyUnauthorizedUrlIfNecessary(Filter filter) { String unauthorizedUrl = getUnauthorizedUrl(); if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) { AuthorizationFilter authzFilter = (AuthorizationFilter) filter; //only apply the unauthorizedUrl if they haven't explicitly configured one already: String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl(); if (existingUnauthorizedUrl == null) { authzFilter.setUnauthorizedUrl(unauthorizedUrl); } } } 定义的filter必须满足filter instanceof AuthorizationFilter,只有perms,roles,ssl,rest,port才是属于AuthorizationFilter,而anon,authcBasic,auchc,user是AuthenticationFilter,所以unauthorizedUrl设置后页面不跳转
- 2021-02-11 23:51:46
- 飞创科技
- html中可以用shiro吗怎么使用求大神给个例子,里面需要shiro标签,用jsp页面可以,
- 2021-02-11 23:51:46
开通会员