對容易忽略的地方記錄如下:
1.需要引入下面2個依賴,具體版本根據自身環境修改:
<dependency> <groupId>org.apache.geronimo.bundles</groupId> <artifactId>aspectjweaver</artifactId> <version>1.6.8_2</version> </dependency> <dependency> <groupId>org.aspectj</groupId> <artifactId>aspectjrt</artifactId> <version>1.8.10</version> </dependency>
2。注入這兩個bean:
/** * 注解訪問授權動態攔截,不然不會執行doGetAuthenticationInfo * * @param securityManager * @return */ @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) { AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor(); authorizationAttributeSourceAdvisor.setSecurityManager(securityManager); return authorizationAttributeSourceAdvisor; } /** * 授權未通過時(403)錯誤處理,沒有這個不會跳轉到403頁面 * * @return */ @Bean public SimpleMappingExceptionResolver getSimpleMappingExceptionResolver() { SimpleMappingExceptionResolver simpleMappingExceptionResolver = new SimpleMappingExceptionResolver(); Properties mappings = new Properties(); mappings.setProperty("org.apache.shiro.authz.UnauthorizedException", "/error/403"); simpleMappingExceptionResolver.setExceptionMappings(mappings); return simpleMappingExceptionResolver; }
完畢!
這個時候執行如下代碼,就會跳轉到403頁面:
@RequiresPermissions("user:test")
@GetMapping("/test")
public String test() { String strResult = "/test"; return strResult; }
