(zlt尼瑪銀行),原創文章,轉發請註明出處:http://write.blog.csdn.net/postedit
源碼ShiroFilterFactoryBean.java
private void applyUnauthorizedUrlIfNecessary(Filter filter) {
String unauthorizedUrl = getUnauthorizedUrl();
if (StringUtils.hasText(unauthorizedUrl) && (filter instanceof AuthorizationFilter)) {
AuthorizationFilter authzFilter = (AuthorizationFilter) filter;
//only apply the unauthorizedUrl if they haven't explicitly configured one already:
String existingUnauthorizedUrl = authzFilter.getUnauthorizedUrl();
if (existingUnauthorizedUrl == null) {
authzFilter.setUnauthorizedUrl(unauthorizedUrl);
}
}
}
定義的filter必須滿足filter instanceof AuthorizationFilter,只有perms,roles,ssl,rest,port纔是屬於AuthorizationFilter,而anon,authcBasic,auchc,user是AuthenticationFilter,所以unauthorizedUrl設置後頁面不跳轉
解決方法要麼就使用perms,roles,ssl,rest,port,要不請看如下解決辦法
<!-- 沒有權限時跳轉的url -->
<property name="unauthorizedUrl" value="/Manage/Unauth/unauth.do"></property>
解決辦法
自定義異常類Reslover 捕捉異常,如果異常爲無權限異常就手動就是轉發到無權頁面。
/**
*
* 類名稱:MyExceptionResolver.java
* 類描述:
* @author lsq
* 作者單位:
* 聯繫方式:QQ237442461
* @version 1.0
*/
public class MyExceptionResolver implements HandlerExceptionResolver{
public ModelAndView resolveException(HttpServletRequest request,
HttpServletResponse response, Object handler, Exception ex) {
// TODO Auto-generated method stub
System.out.println("==============異常開始=============");
//如果是shiro無權操作,因爲shiro 在操作auno等一部分不進行轉發至無權限url
if(ex instanceof UnauthorizedException){
ModelAndView mv = new ModelAndView("manage/unauth/index");
return mv;
}
ex.printStackTrace();
System.out.println("==============異常結束=============");
ModelAndView mv = new ModelAndView("error");
mv.addObject("exception", ex.toString().replaceAll("\n", "<br/>"));
return mv;
}
}
Spring-mvc 配置自定義異常
<!-- 自定義異常處理-->
<bean id="exceptionResolver" class="com.ljy.manage.resolver.MyExceptionResolver"></bean>