将项目中的fhiro升级后发现通过url path传中文的所有请求都报400 invalid reqeust错误
通过以下修改可以解决此问题:
1、ShiroConfig类增加InvalidRequestFilter Bean
//解决路径中文报400的问题
@Bean
public InvalidRequestFilter invalidRequestFilter(){
InvalidRequestFilter invalidRequestFilter = new InvalidRequestFilter();
invalidRequestFilter.setBlockNonAscii(false);
return invalidRequestFilter;
}
2、修改shiro过滤器配置Bean增加
filters.put("invalidRequest",invalidRequestFilter());
完整的过滤器配置如下
/**
* Shiro过滤器配置
*/
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// Shiro的核心安全接口,这个属性是必须的
shiroFilterFactoryBean.setSecurityManager(securityManager);
// 身份认证失败,则跳转到登录页面的配置
shiroFilterFactoryBean.setLoginUrl(loginUrl);
// 权限认证失败,则跳转到指定页面
shiroFilterFactoryBean.setUnauthorizedUrl(unauthorizedUrl);
// Shiro连接约束配置,即过滤链的定义
LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
// 对静态资源设置匿名访问
filterChainDefinitionMap.put("/favicon.ico**", "anon");
filterChainDefinitionMap.put("/ruoyi.png**", "anon");
filterChainDefinitionMap.put("/UrEc8rLezL.txt**", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/docs/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
//因为用户系统需要访问头像,但是无法登录,所以此处请求资源路径需要放开
filterChainDefinitionMap.put("/profile/avatar/**", "anon");
filterChainDefinitionMap.put("/ajax/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/ruoyi/**", "anon");
filterChainDefinitionMap.put("/druid/**", "anon");
filterChainDefinitionMap.put("/captcha/captchaImage**", "anon");
// 退出 logout地址,shiro去清除session
filterChainDefinitionMap.put("/logout", "logout");
// 不需要拦截的访问
filterChainDefinitionMap.put("/api/**", "anon");
filterChainDefinitionMap.put("/system/unloaderEvaluationForm/add", "anon");
filterChainDefinitionMap.put("/system/unloaderEvaluationForm/addSaveApp", "anon");
filterChainDefinitionMap.put("/login", "anon,captchaValidate");
filterChainDefinitionMap.put("/toDpms","anon");
filterChainDefinitionMap.put("/getLoginQrCode","anon");
filterChainDefinitionMap.put("/checkQrCodeState","anon");
filterChainDefinitionMap.put("/toDpms2","anon");
filterChainDefinitionMap.put("/system/tmsWaybillMsg/**", "anon");
/*移动端查询运输轨迹*/
filterChainDefinitionMap.put("/system/saleWaybill/findMapLineJson", "anon");
filterChainDefinitionMap.put("/system/saleWaybill/findMapCode", "anon");
filterChainDefinitionMap.put("/test/**", "anon,captchaValidate");
filterChainDefinitionMap.put("/services/saleWaybill/**", "anon");
filterChainDefinitionMap.put("/MP_verify_hQ2FehAI6oQl1tFr.txt", "anon");
Map<String, Filter> filters = new LinkedHashMap<>();
filters.put("onlineSession", onlineSessionFilter());
filters.put("syncOnlineSession", syncOnlineSessionFilter());
filters.put("captchaValidate", captchaValidateFilter());
filters.put("kickout", kickoutSessionFilter());
// 注销成功,则跳转到指定页面
filters.put("logout", logoutFilter());
filters.put("invalidRequest",invalidRequestFilter());
shiroFilterFactoryBean.setFilters(filters);
// 所有请求需要认证
filterChainDefinitionMap.put("/**", "user,kickout,onlineSession,syncOnlineSession");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
3、重启应用,问题解决。