Today in the project to add annotations to intercept, always find interception does not work, he joined the comment in accordance with the role to intercept. 1 user role is not access this method will be blocked.
Testing will find the notes of a bean configured to not play a role in shiro.xml. The need to put the following comment to the spring-mvc.xml take effect.
<!-- 开启Shiro注解 --> <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"> <property name="proxyTargetClass" value="true" /> </bean> <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> <property name="securityManager" ref="securityManager" /> </bean>
After put in, restart the project, has been tested successfully intercepted, this report shows that the current request is not abnormal Role 1, was successfully intercepted.
Request processing failed; nested exception is org.apache.shiro.authz.UnauthorizedException: Subject does not have role [1]