今天配置一个拦截器CSRFilter发现以下错误


五月 25, 2021 9:17:52 上午 org.apache.catalina.core.StandardWrapperValve invoke

严重: Servlet.service() for servlet [springServlet] in context with path [/zsdx2] threw exception [Request processing failed; nested exception is org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.] with root cause

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.

 at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)

 at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:626)

 at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)

 at com.yy.frame.security.ShiroUser.getCurrentUserEntity(ShiroUser.java:96)

 at com.yy.frame.aop.AjaxSessionCheckInterceptor.preHandle(AjaxSessionCheckInterceptor.java:62)

 at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130)

 at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:938)

 at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:877)

 at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)

 at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:857)

 at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)

 at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)

 at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749)

 at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487)

 at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:412)

 at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339)

 at com.yy.frame.filter.CSRFilter.doFilter(CSRFilter.java:44)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at com.yy.frame.filter.XssFilter.doFilter(XssFilter.java:32)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)

 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilterInternal(OpenEntityManagerInViewFilter.java:176)

 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)

 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)

 at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)

 at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041)

 at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:603)

 at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

 at java.lang.Thread.run(Thread.java:744)


网上查找资料说web.xml配置的shiroFilter 应该在CSRFilter的前面,但配置了还是不行


后来自己尝试了,原来是重定向的路径错了,原来的controller 是可以直接  return "frame/error/msg";   


但在filter里要写全路径如下:


request.getRequestDispatcher("/WEB-INF/views/frame/error/msg.jsp").forward(request, response);