我将 Spring 与 Shiro 一起使用,在我的 Spring 项目中,我有一个装饰器控制器,它通过 sitemesh 显示一个装饰器页面。装饰器页面添加到每个页面的导航链接,例如登录和注销。
我希望根据某人是否实际登录来显示登录和注销,所以我想办法做到这一点:
@Controller
public class DecoratorController extends AbstractController{
@Override
@RequestMapping(value = "/decorator.htm")
protected ModelAndView handleRequestInternal(HttpServletRequest request,
HttpServletResponse response) throws Exception {
ModelAndView model = new ModelAndView("DecoratorPage");
Subject currentUser = SecurityUtils.getSubject();
if (currentUser.isAuthenticated())
model.addObject("login", "display: none;");
else
model.addObject("logout", "display: none;");
return model;
}
}
站点网格.xml:
<sitemesh>
<mapping path="/*.htm" decorator="/decorator.htm"/>
</sitemesh>
但是,这会导致错误:
No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
为什么我不能在这里使用 Shiro 但我可以在其他控制器中使用它?