因为眼花而引发的悲剧 -- Shiro框架中注入RolePermissionResolver到AuthorizingRealm
使用shiro安全框架,自定义了一个Realm:
public class UserRealm extends AuthorizingRealm
AuthorizingRealm详细类型是:
public abstract class AuthorizingRealm extends AuthenticatingRealm
implements Authorizer, Initializable, PermissionResolverAware, RolePermissionResolverAware
另外,自定义了一个RolePermissionResolver如下:
public class MyRolePermissionResolver implements RolePermissionResolver
该RolePermissionResolver用于将角色字符串转换成该角色所包含的Permission的集合.
上面AuthenticatingRealm 中实现的RolePermissionResolverAware接口为:
public interface RolePermissionResolverAware { /** * Sets the specified <tt>RolePermissionResolver</tt> on this instance. * * @param rpr the <tt>RolePermissionResolver</tt> being set. */ public void setRolePermissionResolver(RolePermissionResolver rpr); }
注意这里的set方法,是setRolePermissionResolver
而AuthorizingRealm类中,却使用
private RolePermissionResolver permissionRoleResolver;
这个字段来保存这个set进来的RolePermissionResolver,
方法如下:
public void setRolePermissionResolver(RolePermissionResolver permissionRoleResolver) { this.permissionRoleResolver = permissionRoleResolver; }
在配置spring注入的时候,想当然的使用
<bean id="userRealm" class="com.jack_yin.mainframe.authorize.authentic.realm.UserRealm" >
<!-- ...... -->
<property name="permissionRoleResolver" ref="myRolePermissionResolver"/>
</bean>
(这里这么注入是因为之前还注入了private PermissionResolver permissionResolver; 这个字段是正常的和它的setter配套,
并且shiro源码中,这个字段就和permissionRoleResolver放一起啊,太迷惑人了吧:
导致各种异常报错,而且spring异常信息乱指,指向了自己实现的一个连接池,于是一阵折腾啊.
最后发现连接池没问题啊,早上一来发现这个field和setter不配套啊,话说shiro中为什么要这样啊....
这个问题折腾了整整一天加一个晚上啊....
最后,修改了property 的name解决问题啊:
<bean id="userRealm" class="com.jack_yin.mainframe.authorize.authentic.realm.UserRealm" >
<!-- ...... -->
<property name="rolePermissionResolver" ref="myRolePermissionResolver"/>
</bean>
泪奔,吐血中......