You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by 千年&yi叹 <ji...@foxmail.com> on 2017/01/18 08:08:15 UTC
bug report
Hello, I'm a java web developer, and I encountered some problem about shiro. In myproject I integrated shiro 1.3.2 with spring 4.3.0.Release. On the first it worked well, but recently it broked down. The urls I configured in the ShiroFilterFactoryBean didn't behaved as they were expected to. I set some urls to work without authentication, that is to say "anon", but when I visited the url, the application would redirect to the unauthenticated url. On the beginning I had no idea about it, but when I printed the shiroFilter.getFilterChainDefinitionMap(), I found the problem. The urls' order was not by what I set them, because I used a HashMap. So the "/**" url was on the front of some url which I set as "anon", and then the problem come. After I changed the HashMap to LinkedHaskMap, which keeps its items' order, the problem is solved. So is this a bug?
Here is my shiro configuration. I've modified the variable definetionsMap's type to LinkedHashMap.
@Bean
public ShiroFilterFactoryBean shiroFilter(){
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
Map<String, Filter> map = new HashMap<>();
map.put("addPrincipal", addPrincipalToSessionFilter());
shiroFilter.setFilters(map);
Map<String, String> definitionsMap = new LinkedHashMap<>();
definitionsMap.put("/", "anon");
definitionsMap.put("/index.jsp", "anon");
definitionsMap.put("/backstage/**", "anon");
definitionsMap.put("/pay/notify", "anon");
definitionsMap.put("/pay/testRabbit", "anon");
definitionsMap.put("/site/anon", "anon");
definitionsMap.put("/unauthenticated", "anon");
definitionsMap.put("/login", "anon");
definitionsMap.put("/verification", "anon");
definitionsMap.put("/forgetPassword", "anon");
definitionsMap.put("/signup", "anon");
definitionsMap.put("/admin/**", "authc, roles[admin]");
definitionsMap.put("/pay/alipay", "authc");
definitionsMap.put("/**", "addPrincipal, user");
shiroFilter.setFilterChainDefinitionMap(definitionsMap);
System.out.println(shiroFilter.getFilterChainDefinitionMap());
shiroFilter.setLoginUrl("/unauthenticated");
shiroFilter.setUnauthorizedUrl("/unauthorized");
shiroFilter.setSecurityManager(securityManager());
logger.info("Shiro Filters: " + shiroFilter.getFilters());
return shiroFilter;
}
If you are interested, you can visit my project on github:)
https://github.com/Q-SJ/baobiaoshiro
Sincerely. Hope for your reply.
Re: bug report
Posted by Brian Demers <br...@gmail.com>.
We cannot change the existing method signature. We could add a new one and
deprecate the old, log a warning if a non-LinkedHashMap is used, or create
a different mechanism (non-map) approach to setting the definitions.
For Shiro 1.4 (still RC, so can be changed), I added a
ShiroFilterChainDefinition
<https://github.com/apache/shiro/blob/master/support/spring/src/main/java/org/apache/shiro/spring/web/config/ShiroFilterChainDefinition.java>
interface, and the default impl
<https://github.com/apache/shiro/blob/master/support/spring/src/main/java/org/apache/shiro/spring/web/config/DefaultShiroFilterChainDefinition.java#L32-L34>
.
NOTE: the intent behind this is to make it easier to define the required
beans, see the example here
<https://github.com/apache/shiro/blob/master/samples/spring-boot-web/src/main/java/org/apache/shiro/samples/WebApp.java#L84-L90>
Thoughts ?
On Thu, Jan 19, 2017 at 6:52 AM, Richard Wheeldon <
richard.wheeldon@voxsmart.com> wrote:
> TreeMap sorts according to the natural order of the elements (or using a
> comparator). It doesn't preserve order. i.e. If you put Alice, Charlie and
> Bob into a LinkedHashMap in that order you get Alice, Charlie and Bob out.
> If you put them into a TreeMap you get Alice, Bob, Charlie
>
> -----Original Message-----
> From: scSynergy [mailto:ronald.feicht@scsynergy.de]
> Sent: Thursday, January 19, 2017 9:40 AM
> To: user@shiro.apache.org
> Subject: Re: bug report
>
> One other possibility, though far from perfect, is to have
> shiroFilter.setFilterChainDefinitionMap(definitionsMap) only accept
> LinkedHashMap or TreeMap as parameters instead of accepting just any Map. I
> think those are the only Map implementations in standard Java SE which
> retain order.
>
>
>
> --
> View this message in context: http://shiro-user.582556.n2.
> nabble.com/bug-report-tp7581461p7581464.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>
RE: bug report
Posted by Richard Wheeldon <ri...@voxsmart.com>.
TreeMap sorts according to the natural order of the elements (or using a comparator). It doesn't preserve order. i.e. If you put Alice, Charlie and Bob into a LinkedHashMap in that order you get Alice, Charlie and Bob out. If you put them into a TreeMap you get Alice, Bob, Charlie
-----Original Message-----
From: scSynergy [mailto:ronald.feicht@scsynergy.de]
Sent: Thursday, January 19, 2017 9:40 AM
To: user@shiro.apache.org
Subject: Re: bug report
One other possibility, though far from perfect, is to have
shiroFilter.setFilterChainDefinitionMap(definitionsMap) only accept LinkedHashMap or TreeMap as parameters instead of accepting just any Map. I think those are the only Map implementations in standard Java SE which retain order.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/bug-report-tp7581461p7581464.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: bug report
Posted by scSynergy <ro...@scsynergy.de>.
One other possibility, though far from perfect, is to have
shiroFilter.setFilterChainDefinitionMap(definitionsMap) only accept
LinkedHashMap or TreeMap as parameters instead of accepting just any Map. I
think those are the only Map implementations in standard Java SE which
retain order.
--
View this message in context: http://shiro-user.582556.n2.nabble.com/bug-report-tp7581461p7581464.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: bug report
Posted by Brian Demers <br...@gmail.com>.
Not a bug, you should be using a LinkedHashMap (or other map that will
preserve order).
That said, we could print a log message if we detect something other then a
LinkedHashMap. The downside though, I'm sure there are other map
implementations that would work here too.
Thoughts?
On Wed, Jan 18, 2017 at 3:08 AM, 千年&yi叹 <ji...@foxmail.com> wrote:
> Hello, I'm a java web developer, and I encountered some problem about
> shiro. In myproject I integrated shiro 1.3.2 with spring 4.3.0.Release. On the
> first it worked well, but recently it broked down. The urls I configured in
> the ShiroFilterFactoryBean didn't behaved as they were expected to. I set
> some urls to work without authentication, that is to say "anon", but when I
> visited the url, the application would redirect to the unauthenticated url.
> On the beginning I had no idea about it, but when I printed the shiroFilter.getFilterChainDefinitionMap(),
> I found the problem. The urls' order was not by what I set them, because
> I used a HashMap. So the "/**" url was on the front of some url which I set
> as "anon", and then the problem come. After I changed the HashMap to
> LinkedHaskMap, which keeps its items' order, the problem is solved. So is
> this a bug?
> Here is my shiro configuration. I've modified the variable
> definetionsMap's type to LinkedHashMap.
>
> @Bean
> public ShiroFilterFactoryBean shiroFilter(){
> ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
>
> Map<String, Filter> map = new HashMap<>();
> map.put("addPrincipal", addPrincipalToSessionFilter());
> shiroFilter.setFilters(map);
>
> Map<String, String> definitionsMap = new LinkedHashMap<>();
> definitionsMap.put("/", "anon");
> definitionsMap.put("/index.jsp", "anon");
> definitionsMap.put("/backstage/**", "anon");
> definitionsMap.put("/pay/notify", "anon");
> definitionsMap.put("/pay/testRabbit", "anon");
> definitionsMap.put("/site/anon", "anon");
> definitionsMap.put("/unauthenticated", "anon");
> definitionsMap.put("/login", "anon");
> definitionsMap.put("/verification", "anon");
> definitionsMap.put("/forgetPassword", "anon");
> definitionsMap.put("/signup", "anon");
> definitionsMap.put("/admin/**", "authc, roles[admin]");
> definitionsMap.put("/pay/alipay", "authc");
> definitionsMap.put("/**", "addPrincipal, user");
> shiroFilter.setFilterChainDefinitionMap(definitionsMap);
>
> System.out.println(shiroFilter.getFilterChainDefinitionMap());
>
> shiroFilter.setLoginUrl("/unauthenticated");
> shiroFilter.setUnauthorizedUrl("/unauthorized");
> shiroFilter.setSecurityManager(securityManager());
>
> logger.info("Shiro Filters: " + shiroFilter.getFilters());
> return shiroFilter;
> }
>
> If you are interested, you can visit my project on github:)
> https://github.com/Q-SJ/baobiaoshiro
> Sincerely. Hope for your reply.
>