后台报错:
org.apache.shiro.authz.AuthorizationException: Not authorized to invoke method: public java.lang.String com.cj.shirodemo.controller.UserController.showUser() at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:90) ~[shiro-core-1.3.2.jar:1.3.2] at org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor.assertAuthorized(AnnotationsAuthorizingMethodInterceptor.java:100) ~[shiro-core-1.3.2.jar:1.3.2] at org.apache.shiro.authz.aop.AuthorizingMethodInterceptor.invoke(AuthorizingMethodInterceptor.java:38) ~[shiro-core-1.3.2.jar:1.3.2] at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor.invoke(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:115) ~[shiro-spring-1.3.2.jar:1.3.2] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) ~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE] at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) ~[spring-aop-5.1.4.RELEASE.jar:5.1.4.RELEASE]
解决方案:对抛出的异常进行统一处理跳转。
import com.alibaba.fastjson.JSONObject; import com.cen.common.util.ReturnInfoType; import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.authz.UnauthorizedException; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; /** * 描述: * */ @ControllerAdvice public class NoPermissionException { @ResponseBody @ExceptionHandler(UnauthorizedException.class) public String handleShiroException(Exception ex) { JSONObject json = new JSONObject(); json.put("msg","权限不足"); json.put("status",ReturnInfoType.FAIL); return json.toString(); } @ResponseBody @ExceptionHandler(AuthorizationException.class) public String AuthorizationException(Exception ex) { JSONObject json = new JSONObject(); json.put("msg","权限认证失败"); json.put("status",ReturnInfoType.FAIL); return json.toString(); } }
————————————————
版权声明:本文为CSDN博主「我是你妹她哥」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/bicheng4769/article/details/86680955