Java 用于测试JSP web应用程序的Shiro配置
我有一个网络应用程序,我需要能够运行没有登录测试的目的。我遇到的问题是,当我在没有Shiro设置的情况下运行它时,我的JSP(包含ShiroJava 用于测试JSP web应用程序的Shiro配置,java,jsp,shiro,Java,Jsp,Shiro,我有一个网络应用程序,我需要能够运行没有登录测试的目的。我遇到的问题是,当我在没有Shiro设置的情况下运行它时,我的JSP(包含ShirohasPermission标记)会抛出一个异常,说: UnavailableSecurityManagerException: No SecurityManager accessible to the calling code 有人能告诉我如何设置一个模拟/存根安全管理器来测试这个页面吗 我认为我需要在应用程序上下文中添加一些内容,但我迄今为止的努力都没有
hasPermissionUnavailableSecurityManagerException: No SecurityManager accessible to the calling code
我认为我需要在应用程序上下文中添加一些内容,但我迄今为止的努力都没有成功,我很难找到关于这个问题的文档 我想我已经找到了解决办法。我在应用程序中设置了Stubbed Security Manager,我定义它返回一个假主题,该主题在权限检查中总是返回true。然后,我在应用程序配置中添加了一些内容,以手动将此安全管理器添加到SecurityUtils静态类中,使其在不设置筛选器的情况下可用: 在ApplicationContext.xml中:
<bean id="securityManager" class="com.web.authorization.FakeWebSecurityManager" />
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
<property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager" />
<property name="arguments" ref="securityManager" />
</bean>
package com.web.authorization;
import java.util.Collection;
import java.util.List;
import java.util.concurrent.Callable;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.SessionException;
import org.apache.shiro.session.mgt.SessionContext;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.subject.ExecutionException;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.WebSecurityManager;
public class FakeWebSecurityManager implements WebSecurityManager {
@Override
public Subject login(final Subject subject, final AuthenticationToken authenticationToken) throws AuthenticationException { return null; }
@Override
public void logout(final Subject subject) { }
@Override
public Subject createSubject(final SubjectContext context) {
return new Subject(){
@Override
public Object getPrincipal() { return null; }
@Override
public PrincipalCollection getPrincipals() { return null; }
@Override
public boolean isPermitted(final String permission) { return true; }
@Override
public boolean isPermitted(final Permission permission) { return true; }
@Override
public boolean[] isPermitted(final String... permissions) { return null; }
@Override
public boolean[] isPermitted(final List<Permission> permissions) { return null; }
@Override
public boolean isPermittedAll(final String... permissions) { return true; }
@Override
public boolean isPermittedAll(final Collection<Permission> permissions) { return true; }
@Override
public void checkPermission(final String permission) throws AuthorizationException { }
@Override
public void checkPermission(final Permission permission) throws AuthorizationException { }
@Override
public void checkPermissions(final String... permissions) throws AuthorizationException { }
@Override
public void checkPermissions(final Collection<Permission> permissions) throws AuthorizationException { }
@Override
public boolean hasRole(final String roleIdentifier) { return true; }
@Override
public boolean[] hasRoles(final List<String> roleIdentifiers) { return null; }
@Override
public boolean hasAllRoles(final Collection<String> roleIdentifiers) { return true; }
@Override
public void checkRole(final String roleIdentifier) throws AuthorizationException { }
@Override
public void checkRoles(final Collection<String> roleIdentifiers) throws AuthorizationException { }
@Override
public void checkRoles(final String... roleIdentifiers) throws AuthorizationException { }
@Override
public void login(final AuthenticationToken token) throws AuthenticationException { }
@Override
public boolean isAuthenticated() { return true; }
@Override
public boolean isRemembered() { return false; }
@Override
public Session getSession() { return null; }
@Override
public Session getSession(final boolean create) { return null; }
@Override
public void logout() { }
@Override
public <V> V execute(final Callable<V> callable) throws ExecutionException { return null; }
@Override
public void execute(final Runnable runnable) { }
@Override
public <V> Callable<V> associateWith(final Callable<V> callable) { return null; }
@Override
public Runnable associateWith(final Runnable runnable) { return null; }
@Override
public void runAs(final PrincipalCollection principals) throws NullPointerException, IllegalStateException { }
@Override
public boolean isRunAs() { return false; }
@Override
public PrincipalCollection getPreviousPrincipals() { return null; }
@Override
public PrincipalCollection releaseRunAs() { return null; }};
}
@Override
public AuthenticationInfo authenticate(final AuthenticationToken authenticationToken) throws AuthenticationException { return null; }
@Override
public boolean isPermitted(final PrincipalCollection principals, final String permission) { return true; }
@Override
public boolean isPermitted(final PrincipalCollection subjectPrincipal, final Permission permission) { return true; }
@Override
public boolean[] isPermitted(final PrincipalCollection subjectPrincipal, final String... permissions) { return null; }
@Override
public boolean[] isPermitted(final PrincipalCollection subjectPrincipal, final List<Permission> permissions) { return null; }
@Override
public boolean isPermittedAll(final PrincipalCollection subjectPrincipal, final String... permissions) { return true; }
@Override
public boolean isPermittedAll(final PrincipalCollection subjectPrincipal, final Collection<Permission> permissions) { return true; }
@Override
public void checkPermission(final PrincipalCollection subjectPrincipal, final String permission) throws AuthorizationException { }
@Override
public void checkPermission(final PrincipalCollection subjectPrincipal, final Permission permission) throws AuthorizationException { }
@Override
public void checkPermissions(final PrincipalCollection subjectPrincipal, final String... permissions) throws AuthorizationException { }
@Override
public void checkPermissions(final PrincipalCollection subjectPrincipal, final Collection<Permission> permissions) throws AuthorizationException { }
@Override
public boolean hasRole(final PrincipalCollection subjectPrincipal, final String roleIdentifier) { return true; }
@Override
public boolean[] hasRoles(final PrincipalCollection subjectPrincipal, final List<String> roleIdentifiers) { return null; }
@Override
public boolean hasAllRoles(final PrincipalCollection subjectPrincipal, final Collection<String> roleIdentifiers) { return true; }
@Override
public void checkRole(final PrincipalCollection subjectPrincipal, final String roleIdentifier) throws AuthorizationException { }
@Override
public void checkRoles(final PrincipalCollection subjectPrincipal, final Collection<String> roleIdentifiers) throws AuthorizationException { }
@Override
public void checkRoles(final PrincipalCollection subjectPrincipal, final String... roleIdentifiers) throws AuthorizationException { }
@Override
public Session start(final SessionContext context) { return null; }
@Override
public Session getSession(final SessionKey key) throws SessionException { return null; }
@Override
public boolean isHttpSessionMode() { return false; }
}
package com.web.authorization;
导入java.util.Collection;
导入java.util.List;
导入java.util.concurrent.Callable;
导入org.apache.shiro.authc.AuthenticationException;
导入org.apache.shiro.authc.AuthenticationInfo;
导入org.apache.shiro.authc.AuthenticationToken;
导入org.apache.shiro.authz.AuthorizationException;
导入org.apache.shiro.authz.Permission;
导入org.apache.shiro.session.session;
导入org.apache.shiro.session.SessionException;
导入org.apache.shiro.session.mgt.SessionContext;
导入org.apache.shiro.session.mgt.SessionKey;
导入org.apache.shiro.subject.ExecutionException;
导入org.apache.shiro.subject.PrincipalCollection;
导入org.apache.shiro.subject.subject;
导入org.apache.shiro.subject.SubjectContext;
导入org.apache.shiro.web.mgt.WebSecurityManager;
公共类FakeWebSecurityManager实现WebSecurityManager{
@凌驾
公共主题登录(最终主题主题,最终身份验证令牌AuthenticationToken)引发AuthenticationException{return null;}
@凌驾
公开作废注销(最终主题){}
@凌驾
公共主题createSubject(最终主题上下文){
返回新主题(){
@凌驾
公共对象getPrincipal(){return null;}
@凌驾
public PrincipalCollection GetPrinciples(){return null;}
@凌驾
公共布尔值isPermitted(最终字符串权限){return true;}
@凌驾
公共布尔值isPermitted(最终权限){return true;}
@凌驾
公共布尔值[]isPermitted(最终字符串…权限){return null;}
@凌驾
公共布尔值[]isPermitted(最终列表权限){return null;}
@凌驾
公共布尔值isPermittedAll(最终字符串…权限){return true;}
@凌驾
公共布尔值isPermittedAll(最终集合权限){return true;}
@凌驾
public void checkPermission(最终字符串权限)引发AuthorizationException{}
@凌驾
public void checkPermission(最终权限)引发AuthorizationException{}
@凌驾
public void checkPermissions(最终字符串…权限)引发AuthorizationException{}
@凌驾
public void checkPermissions(最终集合权限)引发AuthorizationException{}
@凌驾
公共布尔hasRole(最终字符串roleIdentifier){return true;}
@凌驾
公共布尔值[]hasRoles(最终列表roleIdentifiers){return null;}
@凌驾
公共布尔hasAllRoles(最终集合roleIdentifiers){return true;}
@凌驾
public void checkRole(最终字符串roleIdentifier)引发AuthorizationException{}
@凌驾
public void checkRoles(最终集合roleIdentifiers)引发AuthorizationException{}
@凌驾
public void checkRoles(最终字符串…roleIdentifiers)引发AuthorizationException{}
@凌驾
公共无效登录(最终AuthenticationToken令牌)引发AuthenticationException{}
@凌驾
公共布尔值已验证(){return true;}
@凌驾
公共布尔值isRemembered(){return false;}
@凌驾
公共会话getSession(){return null;}
@凌驾
公共会话getSession(最终布尔创建){return null;}
@凌驾
public void logout(){}
@凌驾
public V execute(final Callable Callable)抛出ExecutionException{return null;}
@凌驾
public void execute(final Runnable Runnable){}
@凌驾
public Callable associateWith(final Callable Callable){return null;}
@凌驾
public Runnable associateWith(final Runnable Runnable){return null;}
@凌驾
public void runAs(最终PrincipalCollection主体)抛出NullPointerException,IllegalStateException{}
@凌驾
公共布尔值isRunAs(){return false;}
@凌驾
public PrincipalCollection GetPreviousPrinciples(){return null;}
@凌驾
public PrincipalCollection releaseRunAs(){return null;}};
}
@凌驾
public AuthenticationInfo Authentication(最终AuthenticationToken AuthenticationToken)引发AuthenticationException{return null;}
@凌驾
公共布尔值isPermitted(最终PrincipalCollection主体,最终字符串权限){return true;}
@凌驾
公共图书馆