renren-fast怎么放行某个请求

提问 未结 5 115
amdin
amdin 2019-09-16
悬赏:20积分
版本:renren-fast 浏览器:
比如以/xd/**开头的请求放行,不进行拦截认证.我在ShiroConfig加了一行,但是不起作用,访问接口提示"msg": "没有权限,请联系管理员授权", 这是在ShiroConfig加的代码 //放行xd开头的请求,给仿真系统调用 filterMap.put("/xd/**", "anon"); filterMap.put("/**", "oauth2"); shiroFilter.setFilterChainDefinitionMap(filterMap); 请求作者大大指点,还需要什么哪里才能不用登陆能访问接口.
回帖
  • 配置没有问题,应该是可以的,是不是没有重启服务
    0 回复
  • amdin
    amdin (楼主)
    2019-09-16
    img[//cdn.renren.io/9ffc2201909161429488818.png] 重启过了. img[//cdn.renren.io/cedea20190916143027951.png] 报错:org.apache.shiro.authz.UnauthenticatedException: This subject is anonymous - it does not have any identifying principals and authorization operations require an identity to check against. A Subject instance will acquire these identifying principals automatically after a successful login is performed be executing org.apache.shiro.subject.Subject.login(AuthenticationToken) or when 'Remember Me' functionality is enabled by the SecurityManager. This exception can also occur when a previously logged-in Subject has logged out which makes it anonymous again. Because an identity is currently not known due to any of these conditions, authorization is denied.
    0 回复
  • amdin
    amdin (楼主)
    2019-09-16
    img[//cdn.renren.io/61b02201909161447208610.png] 去掉@RequiresPermissions 就可以访问了. 这个怎么解决.去掉了注解,后台的权限控制就不能完全控制了!
    0 回复
  • amdin
    amdin (楼主)
    2019-09-16
    renren-security就不会出现这个问题,在ShiroConfig放行就可以了,@RequiresPermissions 不用去掉. 这是bug吗? 作者大大请指导下!!!
    0 回复
  • @amdin 这个不是bug,你都不要权限了,当然就不能加@RequiresPermissions注解
    0 回复