在spring boot中, shiro使用@RequiresRoles,@RequiresPermissions注解无效时,可以在ShiroConfig.java中添加如下配置
/**
* 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions)
* 配置以下两个bean(DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisor)即可实现此功能
* @return
*/
@Bean
public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator(){
DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
advisorAutoProxyCreator.setProxyTargetClass(true);
return advisorAutoProxyCreator;
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
注意:
1,添加的两个方法上要加@Bean注解
2,authorizationAttributeSourceAdvisor(SecurityManager securityManager)中的参数securityManager不要忘记
此解决方案在网上查了不少资料,只是大多看着一样,实际都是无法解决。比如添加到配置中的两个方法,其它人的总结要么是不使用参数的,要么是中间没有配置的代码,最终都无法解决,自己不断尝试总算找到了能解决自己问题的如上方案!