Shiro在项目重启登录时报错:Caused by: javax.crypto.BadPaddingException: Given
final
block not properly padded. Such issues can arise
if
a bad key is used during decryption.
【原因】
rememberMe的cookie在第二次打开页面后shiro无法解密
rememberMeManager继承了AbstractRememberMeManager,然而AbstractRememberMeManager的构造方法中每次都会 重新生成对称加密密钥!!!!意味着每次重启程序都会重新生成一对加解密密钥!!!
【解决】
既然每次重启都会重新生成一对密钥,那我们就手动设置一个加解密密钥
主动设置cipherkey!!
xml配置方式
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
<property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('6ZmI6I2j5Y+R5aSn5ZOlAA==')}"/>
<property name="cookie" ref="rememberCookie"/>
</bean>
springboot代码配置方式
@Bean
public CookieRememberMeManager cookieRememberMeManager() {
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
simpleCookie.setMaxAge(259200000);
cookieRememberMeManager.setCookie(simpleCookie);
cookieRememberMeManager.setCipherKey(Base64.decode("6ZmI6I2j5Y+R5aSn5ZOlAA=="));
return cookieRememberMeManager;
}