Springboot整合Shiro报UnavailableSecurityManagerException异常解决办法

项目是用springboot做脚手架，用shiro做安全框架，今天使用quartz跑定时任务，发现会报这个错误，虽然不影响定时任务执行，但是每次执行定时任务都会抛这个异常。

完整报错日志：

2020-03-03 20:45:42 ERROR Async-Thread5 org.springframework.aop.interceptor.SimpleAsyncUncaughtExceptionHandler Unexpected exception occurred invoking async method: public void aoshu.bi.monitor.service.impl.LogServiceImpl.saveLog(org.aspectj.lang.ProceedingJoinPoint,java.lang.reflect.Method,javax.servlet.http.HttpServletRequest,java.lang.String,long)
org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.
	at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
	at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:626)
	at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)
	at aoshu.bi.monitor.service.impl.LogServiceImpl.saveLog(LogServiceImpl.java:82)
	at aoshu.bi.monitor.service.impl.LogServiceImpl$$FastClassBySpringCGLIB$$36ecb067.invoke(<generated>)
	at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
	at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
	at org.springframework.transaction.interceptor.TransactionInterceptor$$Lambda$745/75108401.proceedWithInvocation(Unknown Source)
	at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:295)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
	at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
	at org.springframework.aop.interceptor.AsyncExecutionInterceptor$$Lambda$847/1282083659.call(Unknown Source)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)
重点关注这一行

查看Shiro SecurityUtils源码

    public static SecurityManager getSecurityManager() throws UnavailableSecurityManagerException {
        SecurityManager securityManager = ThreadContext.getSecurityManager();
        if (securityManager == null) {
            securityManager = SecurityUtils.securityManager;
        }
        if (securityManager == null) {
            String msg = "No SecurityManager accessible to the calling code, either bound to the " +
                    ThreadContext.class.getName() + " or as a vm static singleton.  This is an invalid application " +
                    "configuration.";
            throw new UnavailableSecurityManagerException(msg);
        }
        return securityManager;
    }

发现是ThreadContext.getSecurityManager() 的值为空

我的ShiroConfiguration配置类中的SecurityManager bean的配置发现，在配置了SecurityManager之后，没有将其绑定到ThreadContext中。
于是在配置完SecurityManager后、返回该bean之前，添加下面这句就可以实现绑定：

ThreadContext.bind(securityManager);

完整SecurityManager 配置：

@Bean
public SecurityManager securityManager(ShiroRealm shiroRealm) {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    // 配置 SecurityManager，并注入 shiroRealm
    securityManager.setRealm(shiroRealm);
    // 配置 shiro session管理器
    securityManager.setSessionManager(sessionManager());
    // 配置 缓存管理类 cacheManager
    securityManager.setCacheManager(cacheManager());
    // 配置 rememberMeCookie
    securityManager.setRememberMeManager(rememberMeManager());

    ThreadContext.bind(securityManager);
    return securityManager;
}