Tag Archives: Shiro

How to Solve shiro Set sessionIdUrlRewritingEnabled Error (jessionid Removed)

Project scenario:

When using Shiro for authority authentication, the login address always carries the jeonid automatically for the first access. Now it needs to be removed and cannot be displayed.

Problem Description:

First, I searched Baidu and found that most solutions are to set SessionManager when defaultwebsecuritymanager is injected. This method also needs Shiro 1.3.2 or above. Coincidentally, my 1.3.0 is definitely not good. Go to POM directly to change the version number
annotation method:

    @Bean
    public DefaultWebSessionManager sessionManager(){
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        return sessionManager;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }

XML mode:

		<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
		<property name="sessionIdUrlRewritingEnabled" value="false"/>
	</bean>

	<!-- Shiro Security Manager -->
	<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
		<property name="sessionManager" ref="sessionManager"/>
	</bean>

Remember to add package scanning in XML mode.My:

<context:component-scan base-package="config" />

Then run the project and report the same error as before. Anyway, there is no getter method.

Cause analysis:

During debugging, it is found that there are three versions of Shiro in the project, and two are from other modules, so it doesn’t matter. However, during debugging, it is found that the number of lines is not matched. After downloading the source code, it is found that this.sessionidurlrewritingenabled = true; There are no breakpoints in this line, and then the rebuild project, MVN clean install, repackaging and restarting idea are all used, and then the breakpoints can be interrupted. However, after debugging starts, the breakpoint icon turns into a circle slash, which is not the Shiro version of my current project at all
finally, you can only guess whether there are problems with multiple versions at the same time.

Solution:

It is found that one of the three versions is very old 1.2.4, but there is no place to import the whole project. Then, according to the warehouse, it is still imported in the way of Shiro all, so the name is temporarily modified. After running the project, it can run as expected

Shiro Error: Configuration error: No realms have been configured!

solution

Check if the ini configuration file is written in a standard way

correct demonstration:

error demonstration:

exception information

2021-10-05 17:12:26.609 [main] WARN  org.apache.shiro.authc.AbstractAuthenticator - Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - ans, rememberMe=false].  Possible unexpected error?(Typical or expected login exceptions should extend from AuthenticationException).
java.lang.IllegalStateException: Configuration error:  No realms have been configured!  One or more realms must be present to execute an authentication attempt.
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.assertRealmsConfigured(ModularRealmAuthenticator.java:161)
	at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:264)
	at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
	at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
	at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:275)
	at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:260)
	at com.yas.MyApplication.test(MyApplication.java:40)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
	at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
	at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
	at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
	at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
	at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70)