只是想将 apache shiro 与另一个应用程序集成。但是 shiro 没有进行身份验证并将我重定向回 login.jsp。以下是解释
我用 apache shiro 创建了一个测试应用程序,它使用 jdbcrealm 并且工作正常。重定向到登录页面和成功的身份验证正在发生。下面是shiro.ini
[main]
authc.loginUrl = /login.jsp
authc.usernameParam = user
authc.passwordParam = pass
authc.rememberMeParam = remember
authc.successUrl = /p/explorer
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.authenticationQuery = select PWD_ as password from act_id_user where ID_ = ?
jdbcRealm.userRolesQuery = select GROUP_ID_ as role_name from act_id_membership where USER_ID_ = ?
jdbcRealm.permissionsQuery = select permission from roles_permissions where GROUP_ID_ = ?
ds = org.apache.commons.dbcp.BasicDataSource
ds.url = jdbc:mysql://localhost:3306/activiti
ds.driverClassName = com.mysql.jdbc.Driver
ds.username=user
ds.password=pass
ds.maxActive = 3
securityManager.realms = $jdbcRealm
cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager
securityManager.cacheManager = $cacheManager
jdbcRealm.dataSource = $ds
sha256Matcher = org.apache.shiro.authc.credential.HashedCredentialsMatcher
sha256Matcher.hashAlgorithmName=SHA-256
jdbcRealm.credentialsMatcher = $sha256Matcher
[urls]
# enable authc filter for all application pages
/p/**=authc
请注意上述配置在我的测试应用程序中运行(使用 mvn jetty:run 运行)。
然后,我将相同的配置、login.jsp 和过滤器设置从 web.xml 复制到另一个应用程序(即 signavio activiti-modeler),在访问 URL 时,它会将我重定向到登录页面,但提交不会导致异常和/或日志中的错误,但仍然将我重定向回 login.jsp。这是 web.xml(shiro 是过滤器链中的第一个过滤器)
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
id="WebApp_ID" version="2.5">
<display-name>Signavio Platform</display-name>
<distributable />
<context-param>
<description>Define a reg exp for all user agents which are supported for the editor</description>
<param-name>supportedBrowserEditor</param-name>
<param-value>Firefox[\/\s]((3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20)\.\d+)|AppleWebKit|Opera.9\.\d+</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<!-- To load the Spring context -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--FILTER -->
<filter>
<filter-name>ShiroFilter</filter-name>
<filter-class>org.apache.shiro.web.servlet.IniShiroFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ShiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>RequestExceptionFilter</filter-name>
<filter-class>com.signavio.platform.filters.RequestExceptionFilter</filter-class>
</filter>
<filter>
<filter-name>HandlerFilter</filter-name>
<filter-class>com.signavio.platform.filters.HandlerFilter</filter-class>
</filter>
<filter>
<filter-name>EncodingFilter</filter-name>
<filter-class>com.signavio.platform.filters.EncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>
UTF-8
</param-value>
</init-param>
</filter>
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>com.signavio.platform.filters.AuthenticationFilter</filter-class>
<init-param>
<description></description>
<param-name>requiresNoAuthorization</param-name>
<param-value>
</param-value>
</init-param>
</filter>
<filter>
<filter-name>ParseParametersFilter</filter-name>
<filter-class>com.signavio.platform.filters.ParseParametersFilter</filter-class>
</filter>
<!--FILTER MAPPING -->
<filter-mapping>
<filter-name>RequestExceptionFilter</filter-name>
<url-pattern>
/p/*
</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>HandlerFilter</filter-name>
<url-pattern>
/p/*
</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>EncodingFilter</filter-name>
<url-pattern>
/p/*
</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>
/p/*
</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ParseParametersFilter</filter-name>
<url-pattern>
/p/*
</url-pattern>
</filter-mapping>
<!--SERVLETS -->
<servlet>
<display-name>Dispatcher</display-name>
<servlet-name>Dispatcher</servlet-name>
<servlet-class>com.signavio.platform.servlets.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!--SERVLET MAPPING -->
<servlet-mapping>
<servlet-name>Dispatcher</servlet-name>
<url-pattern>
/p/*
</url-pattern>
</servlet-mapping>
<!--LISTENER -->
<listener>
<listener-class>com.signavio.platform.listeners.EntryPoint</listener-class>
</listener>
<!--SESSION CONFIG -->
<session-config>
<session-timeout>1440</session-timeout>
</session-config>
<!--ERROR PAGES -->
<!--MIME MAPPING -->
<mime-mapping>
<extension>svg</extension>
<mime-type>image/svg+xml</mime-type>
</mime-mapping>
<mime-mapping>
<extension>json</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<mime-mapping>
<extension>css</extension>
<mime-type>text/css</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ico</extension>
<mime-type>image/x-icon</mime-type>
</mime-mapping>
<security-role>
<role-name>admin</role-name>
</security-role>
<!--WELCOME FILE LIST -->
<welcome-file-list>
<welcome-file>welcome</welcome-file>
</welcome-file-list>
<!-- Servlets from the Oryx Editor -->
<servlet>
<display-name>BPMN Layouter</display-name>
<servlet-name>BPMNLayouterServlet</servlet-name>
<servlet-class>org.oryxeditor.server.BPMNLayouterServlet</servlet-class>
</servlet>
<servlet>
<display-name>BPMN2BPEL Servlet</display-name>
<servlet-name>BPMN2BPELServlet</servlet-name>
<servlet-class>org.oryxeditor.server.BPMN2BPELServlet</servlet-class>
</servlet>
<servlet>
<display-name>Step Through</display-name>
<servlet-name>StepThrough</servlet-name>
<servlet-class>de.hpi.diagram.stepthrough.StepThroughServlet</servlet-class>
</servlet>
<servlet>
<display-name>XForms Export</display-name>
<servlet-name>XFormsExportServlet</servlet-name>
<servlet-class>org.oryxeditor.server.XFormsExportServlet</servlet-class>
</servlet>
<servlet>
<display-name>XForms Import</display-name>
<servlet-name>XFormsImportServlet</servlet-name>
<servlet-class>org.oryxeditor.server.XFormsImportServlet</servlet-class>
</servlet>
<servlet>
<display-name>Oryx Legacy File Download Servlet</display-name>
<servlet-name>DownloadServlet</servlet-name>
<servlet-class>
org.oryxeditor.server.MultiDownloader
</servlet-class>
</servlet>
<servlet>
<display-name>Alternatives Renderer</display-name>
<servlet-name>AlternativesRenderer</servlet-name>
<servlet-class>org.oryxeditor.server.AlternativesRenderer</servlet-class>
</servlet>
<servlet>
<display-name>Oryx syntax checker</display-name>
<servlet-name>SyntaxChecker</servlet-name>
<servlet-class>org.oryxeditor.server.SyntaxCheckerServlet</servlet-class>
</servlet>
<servlet>
<display-name>Oryx Validator</display-name>
<servlet-name>Validator</servlet-name>
<servlet-class>org.oryxeditor.server.ValidatorServlet</servlet-class>
</servlet>
<servlet>
<display-name>RDF 2 JSON Servlet</display-name>
<servlet-name>RDF2JSONServlet</servlet-name>
<servlet-class>org.oryxeditor.server.RDF2JSONServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BPMNLayouterServlet</servlet-name>
<url-pattern>/editor/bpmnlayouter</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BPMN2BPELServlet</servlet-name>
<url-pattern>/editor/bpmn2bpel</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>StepThrough</servlet-name>
<url-pattern>/editor/stepthrough</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>XFormsExportServlet</servlet-name>
<url-pattern>/editor/xformsexport</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>XFormsImportServlet</servlet-name>
<url-pattern>/editor/xformsimport</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SyntaxChecker</servlet-name>
<url-pattern>/editor/syntaxchecker</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Validator</servlet-name>
<url-pattern>/editor/validator</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>DownloadServlet</servlet-name>
<url-pattern>/editor/download</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AlternativesRenderer</servlet-name>
<url-pattern>/editor/pdf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>RDF2JSONServlet</servlet-name>
<url-pattern>/editor/rdf2json</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
请再次注意,此设置工作简单/测试 web 应用程序我的疑问是.. 客户端/服务器重定向和/或过滤器链序列。
提前致谢。