1. 分析

之前在Shiro中没有配置过静态资源过滤，这次在配置过程中给予静态资源anno发现还是会被拦截，查阅其它博客，基本上都是在说LinkedHashMap 过滤次序问题，但我最初就是这个，因此排除。后再翻阅相关博客的时候看到了 大佬博客 中所说不要将过滤器注册到容器中即可，自己手动创建过滤器！！，然后查看我的代码，果然将过滤器注册到了容器中，将其拿掉，然后在shiroconfig中@Autowired JwtFilter jwtfilter 改成 new JwtFilter()即可。

2. 具体代码

@Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
    
    
        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
        Map<String, String> filterMap = new LinkedHashMap<>();

        // swagger2页面
        filterMap.put("/swagger-ui.html", "anon");
        filterMap.put("/swagger/**", "anon");
        filterMap.put("/swagger-resources/**", "anon");
        filterMap.put("/v2/**", "anon");
        filterMap.put("/webjars/**", "anon");
        filterMap.put("/webjars.bycdao-ui/**", "anon");
        filterMap.put("/configuration/**", "anon");
        filterMap.put("/doc.html", "anon");

        filterMap.put("/**", "jwt"); // 主要通过注解方式校验权限

        chainDefinition.addPathDefinitions(filterMap);
        return chainDefinition;
    }

    @Bean("shiroFilterFactoryBean")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager,ShiroFilterChainDefinition shiroFilterChainDefinition) {
    
    
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        shiroFilter.setSecurityManager(securityManager);
        Map<String, Filter> filters = new HashMap<>();
        // ---------------------------------------------------
        filters.put("jwt", new JwtFilter()); // 修改处
        shiroFilter.setFilters(filters);
        Map<String, String> filterMap = shiroFilterChainDefinition.getFilterChainMap();
        shiroFilter.setFilterChainDefinitionMap(filterMap);
        return shiroFilter;
    }

若在JwtFilter 使用到JwtUtil类判断tk是否过期等，而JwtUtil 同样不要注册到容器中，不然可能请求会报 Not authorized to invoke method