在进行shiro前后分离授权时,报错如下。
This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager. This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again. Because an identity is currently not known due to any of these conditions, authorization is denied.
找了很久,尝试过很多配置,不报这个错又会有新的错误,最后还是无法解决shiro前端后端分离时无法授权的问题。
但是在查阅资料的时候大概了解了一些,应该是前后分离shiro的主体(subject )传递需要用到cookie 。
于是解决方法如下:
1、前端基于Vue 所以在发起ajax请求时带上cookie需要进行如下配置,可以配置在全局axios中,或者配置在main.js中
import axios from 'axio