关于shiro授权 This subject is anonymous - it does not have any identifying principals and authorization

最新推荐文章于 2024-04-08 11:31:39 发布
最新推荐文章于 2024-04-08 11:31:39 发布
阅读量4.5k 收藏 1
点赞数 2
分类专栏: 错误解决 文章标签: shiro
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_49359842/article/details/112755529
版权

在进行shiro前后分离授权时,报错如下。

This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against.  A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager.  This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again.  Because an identity is currently not known due to any of these conditions, authorization is denied.

找了很久,尝试过很多配置,不报这个错又会有新的错误,最后还是无法解决shiro前端后端分离时无法授权的问题。
但是在查阅资料的时候大概了解了一些,应该是前后分离shiro的主体(subject )传递需要用到cookie 。
于是解决方法如下:
1、前端基于Vue 所以在发起ajax请求时带上cookie需要进行如下配置,可以配置在全局axios中,或者配置在main.js中

import axios from 'axios'

axios.defaults.withCredentials=true;//让ajax携带cookie

2、配置好携带cookie可能会报跨域问题,在后端跨域过滤器需要配置如下

resp.setHeader("Access-Control-Allow-Origin", "http://localhost:8088");//这里一定要指定源地址,不能为*

resp.setHeader("Access-Control-Allow-Credentials", "true");//允许cookie

关键代码就以上两步,给大家做个参考,遇到类似问题可以安装这个思路尝试!

星点灯丶
关注
  • 2
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Shrio : This subject is anonymous - it does not have any identifying principals and
t0m的专栏
11-24 1万+
使用shrio,集成到springmvc后,访问带有@RequirePermission注解的方法,This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check ag...
Springboot-shiro: This subject is anonymous - it does not have any identifying principals and
热门推荐
levae1024的博客
10-29 2万+
问题: spingboot 项目整合shiro 后, 通过注解 @RequirePermissions来进行权限控制  @ResponseBody @RequestMapping(value = "/detail", method = RequestMethod.POST) @RequiresPermissions("sys:msg:list") public...
shiro 开放接口后 调用报错: This subject is anonymous
最新发布
John的博客
04-08 279
shiro 开放接口后 调用报错: This subject is anonymous
This subject is anonymous - it does not have any identifying principals and authorization operations
烤鸭的世界我们不懂的博客
04-17 1万+
大家好,我是烤鸭: 最近使用shiro,遇到如下问题: 严重: Servlet.service() for servlet [dispatcherServlet] in context with path [/etc] threw exception [Request processing failed; nested exception is org.apache.shiro.aut...
code: 500 ] This subject is anonymous - it does not have any identifying
YHLSunshine的博客
03-06 792
使用idea 开发java 项目,前端页面请求 页面中相关的接口时,idea 控制台有报错信息出现,前端请求失败。code: 500 ] This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A
redis-shiro session 共享subject中principal 为空
goodtimeflying的博客
11-25 1727
redis-shiro session共享,登陆后subject中principal 为空 看过我的上一篇文章 redis-shiro session共享,序列化大坑的人,你可能遇到一个新的问题,就是登陆后再去请求的时候,报错This subject is anonymous 具体的错误信息如下: This subject is anonymous - it does not have any identifying principals and authorization operations requi
记一次报错 This subject is anonymous
hnxm_ggp的博客
04-18 923
This subject is anonymous报错
shiro-attack-4.7.0-SNAPSHOT-all.zip
10-24
shiro_attack-4.7.0-SNAPSHOT-all.zip 序列化验证工具
shiro-core-1.7.1 jar
07-12
shiro shiro-core-1.7.1 jar shiro漏洞
shiro源码(shiro-root-1.8.0-source-release.zip)
03-21
shiro源码(shiro-root-1.8.0-source-release.zip)
shiroshiro-all-1.8.0.jar)
03-21
shiroshiro-all-1.8.0.jar)
shiro-core-1.4.0-API文档-中文版.zip
07-12
赠送jar包:shiro-core-1.4.0.jar; 赠送原API文档:shiro-core-1.4.0-javadoc.jar; 赠送源代码:shiro-core-1.4.0-sources.jar; 赠送Maven依赖信息文件:shiro-core-1.4.0.pom; 包含翻译后的API文档:shiro-core...
记一次前后端分离shiro引起的报错
时光依旧的博客
08-03 857
在进行shiro前后分离授权时,报错如下。 错误内容:This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a suc..
解决Shiro 加权限注解失效 或者报错 This subject is anonymous
程序圆的博客
09-12 1万+
报错堆栈 org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals a
Shrio UnauthenticatedException 异常
qq_28509855的博客
01-07 1904
Shiro UnauthenticatedException 异常 问题起因 最近在项目中引入了shiro, 我在一个【添加用户】的controller方法添加了shiro的注解:RequiresPermissions, 在已登录且其它同样加了此注解的方法能够顺利执行的情况下,【添加用户】的方法始终报如下错误 <== 捕获shiro异常: 用户未登录, UnauthenticatedException: GlobalExceptionHandler : <== 捕获shiro异常: 用户未登
异常总结: Springboot+shiro 调用接口出现无权限
zhanhui_520的博客
06-29 2101
第一次不会报错,等几分钟再调用不是超时,会报错 org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to c...
java 控制台刷屏 dll_控制台被警告刷屏 · Issue #IXD8V · 卓源软件/JeeSite 4.2 - Gitee.com...
weixin_34026997的博客
02-24 218
### 该问题是怎么引起的?debug日志不在控制台打印后,有两个问题:1、浏览器登录后,长时间没有操作,掉出登录后,浏览器没关,控制台一直被没有权限的警告刷屏2、前台页面跳转过程中,一直在控制台打印info的信息,但是看这信息的内容,应该属于debug日志的范畴吧?### 重现步骤### 报错信息```06-03 14:48:52.662 WARN [o.s.w.s.m.m.a.Excepti...
this subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. a subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.subject.login(authenticationtoken) or when 'remember me' functionality is enabled by the securitymanager. this exception can also occur when a previously logged-in subject has logged out which makes it anonymous again. because an identity is currently not known due to any of these conditions, authorization is denied.
04-11
这个主题是匿名的 - 它没有任何识别原则,授权操作需要一个身份来进行检查。主题实例将在执行org.apache.shiro.subject.subject.login(authenticationtoken)成功登录或安全管理器启用“记住我”功能后自动获取这些识别原则。当先前已登录的主题注销时,也可能发生此异常,从而使其变为匿名状态。由于当前由于这些条件之一而未知身份,因此授权被拒绝。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值