我的场景是:
shiro配置类
package com.kuang.config;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.ShiroFilter;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.LinkedHashMap;
@Configuration
public class ShiroConfig {
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager") DefaultSecurityManager securityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//设置安全管理器
shiroFilterFactoryBean.setSecurityManager(securityManager);
//实现登录验证,添加shiro内置过滤器
LinkedHashMap<String, String> filterMap = new LinkedHashMap<>();
filterMap.put("/user/add","authc");//要跳转到add页面的用户必须经过访问
//只有有user:add权限的用户才能跳转到add页面
filterMap.put("/user/add", "perms[user:add]"); //给add界面执行授权
shiroFilterFactoryBean.setFilterChainDefinitionM