alexxiyang / shiro-redis Goto Github PK

shiro only provide the support of ehcache and concurrentHashMap. Here is an implement of redis cache can be used by shiro. Hope it will help you!

License: MIT License

Java 100.00%

shiro-redis's People

Contributors

Stargazers

Watchers

Forkers

fengxiaoxiao ngnono xiaonuo liqing86mj iamedu thorlove zongf eric81 helpying jetgeng yidianfengfan bigrats denghp java10000 husttom gsccs airclear aranoah louiseliu foruforo zootalures zhouxyx alxe1528 ederroger trainkg hsiangbinhua chenld etongle caohenghui fysoft2006 zguokai xiaoxiaoyang818 luorenjin xiaolongyuan yunchat heydaies minikiller lili6145 wangmb pollychen ayesd brucetie lanen ran222 romantictravel icloudkit bioxuxuan charpty tangyouwo wuyongwen afuer coutpkprintf yhc19850706 dazi005 cattles wuzehui lvxb happyiwin lzw2006 jfteam kidaak zjzcn lpzhao tonnyfeng chsong08 rushcoder sixgodx fondon hongerwei qinwer heng-ma tangthis xenoxpcp iamlibo shiqiyue macrosun1985 xiaoqiang-yang pksurecom zhenghun yamtg meiyalei gomaxx baayso amglie wjjleopard a520ass ilaotan fnet123 cqyhm weisljl89 lovelycat liuchengsheng wangxiangrong an0nymous0 kuainiao shuanghw xiaojuese soleebook luo634501217 manchiang

shiro-redis's Issues

springboot中使用shiro贵框架后SecurityUtils.getSubject()都获取不到了

有遇到这种情况吗

redis.clients.jedis.exceptions.JedisConnectionException: Unknown reply: 6

有时候会报下面的错误，好像是redis的多线程使用问题，这个要怎么解决？
redis.clients.jedis.exceptions.JedisConnectionException: Unknown reply: 6
at redis.clients.jedis.Protocol.process(Protocol.java:132)
at redis.clients.jedis.Protocol.read(Protocol.java:191)
at redis.clients.jedis.Connection.getBinaryBulkReply(Connection.java:195)
at redis.clients.jedis.BinaryJedis.get(BinaryJedis.java:119)
at org.crazycake.shiro.RedisManager.get(RedisManager.java:54)
at org.crazycake.shiro.RedisSessionDAO.doReadSession(RedisSessionDAO.java:89)
at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:168)
at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)

数据一致性问题

关于使用ThreadLocal引起的session共享的问题

在web环境下面，tomcat使用的nio的reactor的线程模型，而且这些nio线程不会死掉，一直在轮询，意味着线程都不会死掉，为其保存的副本也会一直存在，在一次请求的过程中可能不是同一个线程，所以在调用doReadSession的方法时候使用ThreadLocal会产生session共享问题

RedisCache:Line83

RedisCache.java: Line83

If key is string, the actual byte key is: keyPrefix + key.
But why that is serialized key without keyPrefix when the key is other types?

请问我按照您写的配置但是会报一个错误

Cannot resolve reference to bean 'sessionManager' while setting bean property 'sessionManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionManager' defined in file [E:\project\school_platform\codesrc.metadata.plugins\org.eclipse.wst.server.core\tmp1\wtpwebapps\mr\WEB-INF\classes\spring\spring-mvc.xml]: Initialization of bean failed; nested exception is org.springframework.beans.ConversionNotSupportedException: Failed to convert property value of type 'org.hibernate.internal.SessionFactoryImpl' to required type 'org.apache.shiro.session.mgt.SessionFactory' for property 'sessionFactory'; nested exception is java.lang.IllegalStateException: Cannot convert value of type [org.hibernate.internal.SessionFactoryImpl] to required type [org.apache.shiro.session.mgt.SessionFactory] for property 'sessionFactory': no matching editors or conversion strategy found 错误信息如上,如果您有空看到我的问题方便的时间请回复一下谢谢

Spring Boot 1.5.7 shiro-spring-boot-web-starter 1.4.0 集成 shiro-redis 3.0.0 启动异常

环境:JDK1.8
Spring Boot 1.5.7
shiro : 用官方推荐的 shiro-spring-boot-web-starter

集成shiro-redis 启动异常，异常日志如下：

D:\java\bin\java.exe -agentlib:jdwp=transport=dt_socket,address=127.0.0.1:61280,suspend=y,server=n -XX:TieredStopAtLevel=1 -noverify -Dspring.profiles.active=dev -Dspring.output.ansi.enabled=always -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=61279 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Djava.rmi.server.hostname=localhost -Dspring.liveBeansView.mbeanDomain -Dspring.application.admin.enabled=true -javaagent:C:\Users\Administrator.IntelliJIdea2018.1\system\groovyHotSwap\gragent.jar -javaagent:C:\Users\Administrator.IntelliJIdea2018.1\system\captureAgent\debugger-agent.jar=file:/C:/Users/Administrator/AppData/Local/Temp/capture4280.props -Dfile.encoding=UTF-8 -classpath "D:\java\jre\lib\charsets.jar;D:\java\jre\lib\deploy.jar;D:\java\jre\lib\ext\access-bridge-64.jar;D:\java\jre\lib\ext\cldrdata.jar;D:\java\jre\lib\ext\dnsns.jar;D:\java\jre\lib\ext\jaccess.jar;D:\java\jre\lib\ext\jfxrt.jar;D:\java\jre\lib\ext\localedata.jar;D:\java\jre\lib\ext\nashorn.jar;D:\java\jre\lib\ext\sunec.jar;D:\java\jre\lib\ext\sunjce_provider.jar;D:\java\jre\lib\ext\sunmscapi.jar;D:\java\jre\lib\ext\sunpkcs11.jar;D:\java\jre\lib\ext\zipfs.jar;D:\java\jre\lib\javaws.jar;D:\java\jre\lib\jce.jar;D:\java\jre\lib\jfr.jar;D:\java\jre\lib\jfxswt.jar;D:\java\jre\lib\jsse.jar;D:\java\jre\lib\management-agent.jar;D:\java\jre\lib\plugin.jar;D:\java\jre\lib\resources.jar;D:\java\jre\lib\rt.jar;E:\it-portal\it-portal-web\trunk\target\classes;D:\mavenRepo\org\springframework\boot\spring-boot-starter-thymeleaf\1.5.7.RELEASE\spring-boot-starter-thymeleaf-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter\1.5.7.RELEASE\spring-boot-starter-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-logging\1.5.7.RELEASE\spring-boot-starter-logging-1.5.7.RELEASE.jar;D:\mavenRepo\ch\qos\logback\logback-classic\1.1.11\logback-classic-1.1.11.jar;D:\mavenRepo\ch\qos\logback\logback-core\1.1.11\logback-core-1.1.11.jar;D:\mavenRepo\org\slf4j\jul-to-slf4j\1.7.25\jul-to-slf4j-1.7.25.jar;D:\mavenRepo\org\slf4j\log4j-over-slf4j\1.7.25\log4j-over-slf4j-1.7.25.jar;D:\mavenRepo\org\thymeleaf\thymeleaf-spring4\3.0.9.RELEASE\thymeleaf-spring4-3.0.9.RELEASE.jar;D:\mavenRepo\org\thymeleaf\thymeleaf\3.0.9.RELEASE\thymeleaf-3.0.9.RELEASE.jar;D:\mavenRepo\org\attoparser\attoparser\2.0.4.RELEASE\attoparser-2.0.4.RELEASE.jar;D:\mavenRepo\org\unbescape\unbescape\1.1.5.RELEASE\unbescape-1.1.5.RELEASE.jar;D:\mavenRepo\nz\net\ultraq\thymeleaf\thymeleaf-layout-dialect\2.3.0\thymeleaf-layout-dialect-2.3.0.jar;D:\mavenRepo\nz\net\ultraq\thymeleaf\thymeleaf-expression-processor\1.1.3\thymeleaf-expression-processor-1.1.3.jar;D:\mavenRepo\org\codehaus\groovy\groovy\2.4.12\groovy-2.4.12.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-web\1.5.7.RELEASE\spring-boot-starter-web-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-tomcat\1.5.7.RELEASE\spring-boot-starter-tomcat-1.5.7.RELEASE.jar;D:\mavenRepo\org\apache\tomcat\embed\tomcat-embed-core\8.5.20\tomcat-embed-core-8.5.20.jar;D:\mavenRepo\org\apache\tomcat\embed\tomcat-embed-el\8.5.20\tomcat-embed-el-8.5.20.jar;D:\mavenRepo\org\apache\tomcat\embed\tomcat-embed-websocket\8.5.20\tomcat-embed-websocket-8.5.20.jar;D:\mavenRepo\org\hibernate\hibernate-validator\5.3.5.Final\hibernate-validator-5.3.5.Final.jar;D:\mavenRepo\javax\validation\validation-api\1.1.0.Final\validation-api-1.1.0.Final.jar;D:\mavenRepo\org\jboss\logging\jboss-logging\3.3.1.Final\jboss-logging-3.3.1.Final.jar;D:\mavenRepo\com\fasterxml\classmate\1.3.4\classmate-1.3.4.jar;D:\mavenRepo\com\fasterxml\jackson\core\jackson-databind\2.8.10\jackson-databind-2.8.10.jar;D:\mavenRepo\com\fasterxml\jackson\core\jackson-annotations\2.8.0\jackson-annotations-2.8.0.jar;D:\mavenRepo\org\springframework\spring-web\4.3.11.RELEASE\spring-web-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-beans\4.3.11.RELEASE\spring-beans-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-context\4.3.11.RELEASE\spring-context-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-webmvc\4.3.11.RELEASE\spring-webmvc-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-expression\4.3.11.RELEASE\spring-expression-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-core\4.3.11.RELEASE\spring-core-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot-devtools\1.5.7.RELEASE\spring-boot-devtools-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot\1.5.7.RELEASE\spring-boot-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\boot\spring-boot-autoconfigure\1.5.7.RELEASE\spring-boot-autoconfigure-1.5.7.RELEASE.jar;D:\mavenRepo\mysql\mysql-connector-java\5.1.44\mysql-connector-java-5.1.44.jar;D:\mavenRepo\org\mybatis\spring\boot\mybatis-spring-boot-starter\1.2.1\mybatis-spring-boot-starter-1.2.1.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-jdbc\1.5.7.RELEASE\spring-boot-starter-jdbc-1.5.7.RELEASE.jar;D:\mavenRepo\org\apache\tomcat\tomcat-jdbc\8.5.20\tomcat-jdbc-8.5.20.jar;D:\mavenRepo\org\apache\tomcat\tomcat-juli\8.5.20\tomcat-juli-8.5.20.jar;D:\mavenRepo\org\springframework\spring-jdbc\4.3.11.RELEASE\spring-jdbc-4.3.11.RELEASE.jar;D:\mavenRepo\org\mybatis\spring\boot\mybatis-spring-boot-autoconfigure\1.2.1\mybatis-spring-boot-autoconfigure-1.2.1.jar;D:\mavenRepo\org\mybatis\mybatis\3.4.4\mybatis-3.4.4.jar;D:\mavenRepo\org\mybatis\mybatis-spring\1.3.1\mybatis-spring-1.3.1.jar;D:\mavenRepo\com\alibaba\druid\1.0.29\druid-1.0.29.jar;D:\java\lib\jconsole.jar;D:\java\lib\tools.jar;D:\mavenRepo\org\scala-lang\scala-library\2.11.0\scala-library-2.11.0.jar;D:\mavenRepo\org\apache\commons\commons-pool2\2.0\commons-pool2-2.0.jar;D:\mavenRepo\org\apache\commons\commons-lang3\3.7\commons-lang3-3.7.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-data-redis\1.5.7.RELEASE\spring-boot-starter-data-redis-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\data\spring-data-redis\1.8.7.RELEASE\spring-data-redis-1.8.7.RELEASE.jar;D:\mavenRepo\org\springframework\data\spring-data-keyvalue\1.2.7.RELEASE\spring-data-keyvalue-1.2.7.RELEASE.jar;D:\mavenRepo\org\springframework\data\spring-data-commons\1.13.7.RELEASE\spring-data-commons-1.13.7.RELEASE.jar;D:\mavenRepo\org\springframework\spring-tx\4.3.11.RELEASE\spring-tx-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-oxm\4.3.11.RELEASE\spring-oxm-4.3.11.RELEASE.jar;D:\mavenRepo\org\springframework\spring-context-support\4.3.11.RELEASE\spring-context-support-4.3.11.RELEASE.jar;D:\mavenRepo\org\slf4j\jcl-over-slf4j\1.7.25\jcl-over-slf4j-1.7.25.jar;D:\mavenRepo\redis\clients\jedis\2.9.0\jedis-2.9.0.jar;D:\mavenRepo\org\springframework\session\spring-session-data-redis\1.3.1.RELEASE\spring-session-data-redis-1.3.1.RELEASE.jar;D:\mavenRepo\org\springframework\session\spring-session\1.3.1.RELEASE\spring-session-1.3.1.RELEASE.jar;D:\mavenRepo\com\alibaba\fastjson\1.2.38\fastjson-1.2.38.jar;D:\mavenRepo\com\google\code\gson\gson\2.3.1\gson-2.3.1.jar;D:\mavenRepo\cn\huanju\udb\lgn\ca-client\1.8.7-20160420\ca-client-1.8.7-20160420.jar;D:\mavenRepo\cn\huanju\udb\lgn\udb-client\1.8.7-20160808\udb-client-1.8.7-20160808.jar;D:\mavenRepo\cn\huanju\udb\lgn\ca-common\1.8-20160428\ca-common-1.8-20160428.jar;D:\mavenRepo\cn\huanju\udb\lgn\oauth\20150518\oauth-20150518.jar;D:\mavenRepo\cn\huanju\udb\lgn\oauth-consumer\20150518\oauth-consumer-20150518.jar;D:\mavenRepo\oauth\oauth-httpclient3\20100601-300\oauth-httpclient3-20100601-300.jar;D:\mavenRepo\commons-httpclient\commons-httpclient\3.1\commons-httpclient-3.1.jar;D:\mavenRepo\commons-logging\commons-logging\1.0.4\commons-logging-1.0.4.jar;D:\mavenRepo\commons-codec\commons-codec\1.10\commons-codec-1.10.jar;D:\mavenRepo\commons-collections\commons-collections\3.2.1\commons-collections-3.2.1.jar;D:\mavenRepo\dom4j\dom4j\1.6.1\dom4j-1.6.1.jar;D:\mavenRepo\xml-apis\xml-apis\1.4.01\xml-apis-1.4.01.jar;D:\mavenRepo\org\apache\poi\poi\3.8\poi-3.8.jar;D:\mavenRepo\org\apache\poi\poi-ooxml\3.8\poi-ooxml-3.8.jar;D:\mavenRepo\org\apache\poi\poi-ooxml-schemas\3.8\poi-ooxml-schemas-3.8.jar;D:\mavenRepo\org\apache\xmlbeans\xmlbeans\2.3.0\xmlbeans-2.3.0.jar;D:\mavenRepo\stax\stax-api\1.0.1\stax-api-1.0.1.jar;D:\mavenRepo\org\jfree\jcommon\1.0.24\jcommon-1.0.24.jar;D:\mavenRepo\jfree\jfreechart\1.0.13\jfreechart-1.0.13.jar;D:\mavenRepo\jfree\jcommon\1.0.16\jcommon-1.0.16.jar;D:\mavenRepo\com\google\guava\guava\13.0.1\guava-13.0.1.jar;D:\mavenRepo\org\elasticsearch\client\transport\5.6.5\transport-5.6.5.jar;D:\mavenRepo\org\elasticsearch\plugin\transport-netty3-client\5.6.5\transport-netty3-client-5.6.5.jar;D:\mavenRepo\io\netty\netty\3.10.6.Final\netty-3.10.6.Final.jar;D:\mavenRepo\org\elasticsearch\plugin\transport-netty4-client\5.6.5\transport-netty4-client-5.6.5.jar;D:\mavenRepo\io\netty\netty-buffer\4.1.13.Final\netty-buffer-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-codec\4.1.13.Final\netty-codec-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-codec-http\4.1.13.Final\netty-codec-http-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-common\4.1.13.Final\netty-common-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-handler\4.1.13.Final\netty-handler-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-resolver\4.1.13.Final\netty-resolver-4.1.13.Final.jar;D:\mavenRepo\io\netty\netty-transport\4.1.13.Final\netty-transport-4.1.13.Final.jar;D:\mavenRepo\org\elasticsearch\plugin\reindex-client\5.6.5\reindex-client-5.6.5.jar;D:\mavenRepo\org\elasticsearch\client\elasticsearch-rest-client\5.6.5\elasticsearch-rest-client-5.6.5.jar;D:\mavenRepo\org\apache\httpcomponents\httpclient\4.5.3\httpclient-4.5.3.jar;D:\mavenRepo\org\apache\httpcomponents\httpcore\4.4.6\httpcore-4.4.6.jar;D:\mavenRepo\org\apache\httpcomponents\httpasyncclient\4.1.3\httpasyncclient-4.1.3.jar;D:\mavenRepo\org\apache\httpcomponents\httpcore-nio\4.4.5\httpcore-nio-4.4.5.jar;D:\mavenRepo\org\elasticsearch\plugin\lang-mustache-client\5.6.5\lang-mustache-client-5.6.5.jar;D:\mavenRepo\com\github\spullara\mustache\java\compiler\0.9.3\compiler-0.9.3.jar;D:\mavenRepo\org\elasticsearch\plugin\percolator-client\5.6.5\percolator-client-5.6.5.jar;D:\mavenRepo\org\elasticsearch\plugin\parent-join-client\5.6.5\parent-join-client-5.6.5.jar;D:\mavenRepo\org\apache\logging\log4j\log4j-api\2.7\log4j-api-2.7.jar;D:\mavenRepo\org\apache\logging\log4j\log4j-core\2.7\log4j-core-2.7.jar;D:\mavenRepo\org\elasticsearch\elasticsearch\5.6.5\elasticsearch-5.6.5.jar;D:\mavenRepo\org\apache\lucene\lucene-core\6.6.1\lucene-core-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-analyzers-common\6.6.1\lucene-analyzers-common-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-backward-codecs\6.6.1\lucene-backward-codecs-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-grouping\6.6.1\lucene-grouping-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-highlighter\6.6.1\lucene-highlighter-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-join\6.6.1\lucene-join-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-memory\6.6.1\lucene-memory-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-misc\6.6.1\lucene-misc-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-queries\6.6.1\lucene-queries-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-queryparser\6.6.1\lucene-queryparser-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-sandbox\6.6.1\lucene-sandbox-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-spatial\6.6.1\lucene-spatial-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-spatial-extras\6.6.1\lucene-spatial-extras-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-spatial3d\6.6.1\lucene-spatial3d-6.6.1.jar;D:\mavenRepo\org\apache\lucene\lucene-suggest\6.6.1\lucene-suggest-6.6.1.jar;D:\mavenRepo\org\elasticsearch\securesm\1.2\securesm-1.2.jar;D:\mavenRepo\net\sf\jopt-simple\jopt-simple\5.0.2\jopt-simple-5.0.2.jar;D:\mavenRepo\com\carrotsearch\hppc\0.7.1\hppc-0.7.1.jar;D:\mavenRepo\joda-time\joda-time\2.9.9\joda-time-2.9.9.jar;D:\mavenRepo\org\yaml\snakeyaml\1.17\snakeyaml-1.17.jar;D:\mavenRepo\com\fasterxml\jackson\core\jackson-core\2.8.10\jackson-core-2.8.10.jar;D:\mavenRepo\com\fasterxml\jackson\dataformat\jackson-dataformat-smile\2.8.10\jackson-dataformat-smile-2.8.10.jar;D:\mavenRepo\com\fasterxml\jackson\dataformat\jackson-dataformat-yaml\2.8.10\jackson-dataformat-yaml-2.8.10.jar;D:\mavenRepo\com\fasterxml\jackson\dataformat\jackson-dataformat-cbor\2.8.10\jackson-dataformat-cbor-2.8.10.jar;D:\mavenRepo\com\tdunning\t-digest\3.0\t-digest-3.0.jar;D:\mavenRepo\org\hdrhistogram\HdrHistogram\2.1.9\HdrHistogram-2.1.9.jar;D:\mavenRepo\org\elasticsearch\jna\4.4.0-1\jna-4.4.0-1.jar;D:\mavenRepo\io\netty\netty-all\4.1.17.Final\netty-all-4.1.17.Final.jar;D:\mavenRepo\org\springframework\boot\spring-boot-starter-aop\1.5.7.RELEASE\spring-boot-starter-aop-1.5.7.RELEASE.jar;D:\mavenRepo\org\springframework\spring-aop\4.3.11.RELEASE\spring-aop-4.3.11.RELEASE.jar;D:\mavenRepo\org\aspectj\aspectjweaver\1.8.10\aspectjweaver-1.8.10.jar;D:\mavenRepo\org\apache\shiro\shiro-spring-boot-web-starter\1.4.0\shiro-spring-boot-web-starter-1.4.0.jar;D:\mavenRepo\org\apache\shiro\shiro-spring-boot-starter\1.4.0\shiro-spring-boot-starter-1.4.0.jar;D:\mavenRepo\org\apache\shiro\shiro-spring\1.4.0\shiro-spring-1.4.0.jar;D:\mavenRepo\org\apache\shiro\shiro-web\1.4.0\shiro-web-1.4.0.jar;D:\mavenRepo\com\github\theborakompanioni\thymeleaf-extras-shiro\2.0.0\thymeleaf-extras-shiro-2.0.0.jar;D:\mavenRepo\org\crazycake\shiro-redis\3.0.0\shiro-redis-3.0.0.jar;D:\mavenRepo\org\slf4j\slf4j-api\1.7.25\slf4j-api-1.7.25.jar;D:\mavenRepo\org\apache\shiro\shiro-core\1.2.6\shiro-core-1.2.6.jar;D:\mavenRepo\commons-beanutils\commons-beanutils\1.9.3\commons-beanutils-1.9.3.jar;D:\mavenRepo\com\puppycrawl\tools\checkstyle\8.3\checkstyle-8.3.jar;D:\mavenRepo\antlr\antlr\2.7.7\antlr-2.7.7.jar;D:\mavenRepo\org\antlr\antlr4-runtime\4.7\antlr4-runtime-4.7.jar;D:\mavenRepo\commons-cli\commons-cli\1.4\commons-cli-1.4.jar;D:\mavenRepo\net\sf\saxon\Saxon-HE\9.8.0-4\Saxon-HE-9.8.0-4.jar;D:\IntelliJ IDEA 2018.1.2\lib\idea_rt.jar" com.yy.itportal.ItPortalWebApplication
Connected to the target VM, address: '127.0.0.1:61280', transport: 'socket'
21:05:57.780 [main] DEBUG org.springframework.boot.devtools.settings.DevToolsSettings - Included patterns for restart : []
21:05:57.784 [main] DEBUG org.springframework.boot.devtools.settings.DevToolsSettings - Excluded patterns for restart : [/spring-boot-starter/target/classes/, /spring-boot-autoconfigure/target/classes/, /spring-boot-starter-[\w-]+/, /spring-boot/target/classes/, /spring-boot-actuator/target/classes/, /spring-boot-devtools/target/classes/]
21:05:57.785 [main] DEBUG org.springframework.boot.devtools.restart.ChangeableUrls - Matching URLs for reloading : [file:/E:/it-portal/it-portal-web/trunk/target/classes/]

. ____ _ __ _ _
/\ / ' __ _ () __ __ _ \ \ \
( ( )__ | '_ | '| | ' / ` | \ \ \
\/ )| |)| | | | | || (| | ) ) ) )
' || .__|| ||| |_, | / / / /
=========||==============|/=////
:: Spring Boot :: (v1.5.7.RELEASE)

2018-05-29 21:05:58.378 |-INFO [restartedMain] com.yy.itportal.ItPortalWebApplication [48] -| Starting ItPortalWebApplication on G9098 with PID 8580 (E:\it-portal\it-portal-web\trunk\target\classes started by Administrator in E:\it-portal)
2018-05-29 21:05:58.379 |-DEBUG [restartedMain] com.yy.itportal.ItPortalWebApplication [51] -| Running with Spring Boot v1.5.7.RELEASE, Spring v4.3.11.RELEASE
2018-05-29 21:05:58.379 |-INFO [restartedMain] com.yy.itportal.ItPortalWebApplication [597] -| The following profiles are active: dev
2018-05-29 21:05:58.545 |-INFO [restartedMain] org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext [583] -| Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@af2e13c: startup date [Tue May 29 21:05:58 CST 2018]; root of context hierarchy
2018-05-29 21:05:58.701 |-INFO [background-preinit] org.hibernate.validator.internal.util.Version [30] -| HV000001: Hibernate Validator 5.3.5.Final
2018-05-29 21:06:00.232 |-ERROR [restartedMain] org.springframework.boot.SpringApplication [771] -| Application startup failed
java.lang.IllegalStateException: Error processing condition on org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration.eventBus
at org.springframework.boot.autoconfigure.condition.SpringBootCondition.matches(SpringBootCondition.java:64)
at org.springframework.context.annotation.ConditionEvaluator.shouldSkip(ConditionEvaluator.java:102)
at org.springframework.context.annotation.ConfigurationClassBeanDefinitionReader.loadBeanDefinitionsForBeanMethod(ConfigurationClassBeanDefinitionReader.java:178)
at org.springframework.context.annotation.ConfigurationClassBeanDefinitionReader.loadBeanDefinitionsForConfigurationClass(ConfigurationClassBeanDefinitionReader.java:140)
at org.springframework.context.annotation.ConfigurationClassBeanDefinitionReader.loadBeanDefinitions(ConfigurationClassBeanDefinitionReader.java:116)
at org.springframework.context.annotation.ConfigurationClassPostProcessor.processConfigBeanDefinitions(ConfigurationClassPostProcessor.java:320)
at org.springframework.context.annotation.ConfigurationClassPostProcessor.postProcessBeanDefinitionRegistry(ConfigurationClassPostProcessor.java:228)
at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanDefinitionRegistryPostProcessors(PostProcessorRegistrationDelegate.java:270)
at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:93)
at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:687)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:525)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:303)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1118)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1107)
at com.yy.itportal.ItPortalWebApplication.main(ItPortalWebApplication.java:22)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: java.lang.IllegalStateException: @ConditionalOnMissingBean did not specify a bean using type, name or annotation and the attempt to deduce the bean's type failed
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.validate(OnBeanCondition.java:309)
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.(OnBeanCondition.java:299)
at org.springframework.boot.autoconfigure.condition.OnBeanCondition.getMatchOutcome(OnBeanCondition.java:108)
at org.springframework.boot.autoconfigure.condition.SpringBootCondition.matches(SpringBootCondition.java:47)
... 22 common frames omitted
Caused by: org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanTypeDeductionException: Failed to deduce bean type for org.apache.shiro.spring.boot.autoconfigure.ShiroBeanAutoConfiguration.eventBus
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.addDeducedBeanTypeForBeanMethod(OnBeanCondition.java:362)
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.addDeducedBeanType(OnBeanCondition.java:346)
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.(OnBeanCondition.java:293)
... 24 common frames omitted
Caused by: java.lang.ClassNotFoundException: org.apache.shiro.event.EventBus
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at org.springframework.boot.devtools.restart.classloader.RestartClassLoader.loadClass(RestartClassLoader.java:151)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at org.springframework.util.ClassUtils.forName(ClassUtils.java:250)
at org.springframework.boot.autoconfigure.condition.OnBeanCondition$BeanSearchSpec.addDeducedBeanTypeForBeanMethod(OnBeanCondition.java:356)
... 26 common frames omitted
2018-05-29 21:06:00.235 |-INFO [restartedMain] org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext [984] -| Closing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@af2e13c: startup date [Tue May 29 21:05:58 CST 2018]; root of context hierarchy
2018-05-29 21:06:00.237 |-WARN [restartedMain] org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext [1002] -| Exception thrown from LifecycleProcessor on context close
java.lang.IllegalStateException: LifecycleProcessor not initialized - call 'refresh' before invoking lifecycle methods via the context: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@af2e13c: startup date [Tue May 29 21:05:58 CST 2018]; root of context hierarchy
at org.springframework.context.support.AbstractApplicationContext.getLifecycleProcessor(AbstractApplicationContext.java:427)
at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:999)
at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:958)
at org.springframework.boot.SpringApplication.handleRunFailure(SpringApplication.java:750)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:314)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1118)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1107)
at com.yy.itportal.ItPortalWebApplication.main(ItPortalWebApplication.java:22)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
2018-05-29 21:06:00.237 |-ERROR [restartedMain] org.springframework.beans.factory.support.DefaultListableBeanFactory [581] -| Destroy method on bean with name 'org.springframework.boot.autoconfigure.internalCachingMetadataReaderFactory' threw an exception
java.lang.IllegalStateException: ApplicationEventMulticaster not initialized - call 'refresh' before multicasting events via the context: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@af2e13c: startup date [Tue May 29 21:05:58 CST 2018]; root of context hierarchy
at org.springframework.context.support.AbstractApplicationContext.getApplicationEventMulticaster(AbstractApplicationContext.java:414)
at org.springframework.context.support.ApplicationListenerDetector.postProcessBeforeDestruction(ApplicationListenerDetector.java:97)
at org.springframework.beans.factory.support.DisposableBeanAdapter.destroy(DisposableBeanAdapter.java:253)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.destroyBean(DefaultSingletonBeanRegistry.java:578)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.destroySingleton(DefaultSingletonBeanRegistry.java:554)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.destroySingleton(DefaultListableBeanFactory.java:961)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.destroySingletons(DefaultSingletonBeanRegistry.java:523)
at org.springframework.beans.factory.support.FactoryBeanRegistrySupport.destroySingletons(FactoryBeanRegistrySupport.java:230)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.destroySingletons(DefaultListableBeanFactory.java:968)
at org.springframework.context.support.AbstractApplicationContext.destroyBeans(AbstractApplicationContext.java:1030)
at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:1006)
at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:958)
at org.springframework.boot.SpringApplication.handleRunFailure(SpringApplication.java:750)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:314)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1118)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1107)
at com.yy.itportal.ItPortalWebApplication.main(ItPortalWebApplication.java:22)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Exception in thread "restartedMain" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.boot.devtools.restart.RestartLauncher.run(RestartLauncher.java:49)
Caused by: java.lang.NoClassDefFoundError: org/apache/shiro/event/EventBus
at java.lang.Class.getDeclaredMethods0(Native Method)
at java.lang.Class.privateGetDeclaredMethods(Class.java:2701)
at java.lang.Class.getDeclaredMethods(Class.java:1975)
at org.springframework.util.ReflectionUtils.getDeclaredMethods(ReflectionUtils.java:613)
at org.springframework.util.ReflectionUtils.doWithMethods(ReflectionUtils.java:524)
at org.springframework.util.ReflectionUtils.doWithMethods(ReflectionUtils.java:510)
at org.springframework.util.ReflectionUtils.getUniqueDeclaredMethods(ReflectionUtils.java:570)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.getTypeForFactoryMethod(AbstractAutowireCapableBeanFactory.java:697)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.determineTargetType(AbstractAutowireCapableBeanFactory.java:640)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:609)
at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1484)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doGetBeanNamesForType(DefaultListableBeanFactory.java:425)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:395)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:515)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:508)
at org.springframework.context.support.AbstractApplicationContext.getBeansOfType(AbstractApplicationContext.java:1186)
at org.springframework.boot.SpringApplication.getExitCodeFromMappedException(SpringApplication.java:818)
at org.springframework.boot.SpringApplication.getExitCodeFromException(SpringApplication.java:804)
at org.springframework.boot.SpringApplication.handleExitCode(SpringApplication.java:790)
at org.springframework.boot.SpringApplication.handleRunFailure(SpringApplication.java:744)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:314)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1118)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1107)
at com.yy.itportal.ItPortalWebApplication.main(ItPortalWebApplication.java:22)
... 5 more
Caused by: java.lang.ClassNotFoundException: org.apache.shiro.event.EventBus
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
... 29 more
Disconnected from the target VM, address: '127.0.0.1:61280', transport: 'socket'

Process finished with exit code 0

jedis资源释放

不应该使用jedisPool.returnResource(jedis)，应该使用close(),否则在jedis连接异常时并销毁会造成数据错乱

springboot集成问题

springboot集成遇到问题，希望能出个demo指点一下，谢谢

出现一个序列化的问题，请指教

There was an unexpected error (type=Internal Server Error, status=500).
org.apache.shiro.session.UnknownSessionException: org.crazycake.shiro.exception.SerializationException: serialize error, object=org.apache.shiro.session.mgt.SimpleSession,id=684dc670-6ac4-47ab-bf11-52960c8cc6c3

谢谢！

Are you sure your framework work as your purpose?

The method readSessionof the SessionDAOhas one paramter named sessionId,when use Shiro in web environment ,then instance of WebSubject init in AbstractShiroFilter like this :
return new WebSubject.Builder(getSecurityManager(), request, response).buildWebSubject();,
but i can't find Shiro init sessionIdat anywhere,it's mean your framework no ability to bind the Sessionthat in Redisto current WebSubject. so when you inovke the method getSession() of Subject,Shiro will create new Sessionfor you.
My Email : [email protected]

principal 如果是String 类型，登陆用户的authorizationCache key重复，从2.4.2.1升级2.8.4发现的

关于实现AuthCachePrincipal 这个类后，获取subject.getPrincipal();后出现类型转换异常

使用的SpringBoot 1.5.8 shiro-spring 1.4.0

实体类

@Data
public class User implements Serializable, AuthCachePrincipal {

    private static final long serialVersionUID = -7602493744804518782L;

    private Integer id;

    private String name;

    private String password;

    private Boolean rememberMe;

    @Override
    public String getAuthCacheKey() {
        return getName();
    }
}

realm 认证回传 simpleAuthenticationInfo

protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("执行认证方法...");

        // 获取用户输入的账户信息
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();

        // 获取数据库的账户信息
        User dbUser = userService.findByName(username);

        // 判断用户名
        if (null == dbUser) {
            // 如果用户名不存在
            // shiro底层自动抛出UnknownAccountException
            return null;
        }

        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(dbUser, dbUser.getPassword(), getName());

        return simpleAuthenticationInfo;
    }

然后授权获取 User dbUser = (User) subject.getPrincipal(); 时出现类型转换失败。

protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权方法...");

        // 给当前登录用户进行动态授权
        // 1.获取当前用户的pricipal
        Subject subject = SecurityUtils.getSubject();

        User dbUser = (User) subject.getPrincipal();

        // 2.查询当前用户拥有的资源授权码
        List<String> upmsPermissions = userService.findPermissionByUserId(dbUser.getId());
        Set<String> permissions = new HashSet<>();
        for (String permission : upmsPermissions) {
            if (!StringUtils.isEmpty(permission)) {
                permissions.add(permission);
            }
        }
        info.setStringPermissions(permissions);

        return info;
    }

异常信息

java.lang.ClassCastException: com.yobing.shirospringboot.model.User cannot be cast to com.yobing.shirospringboot.model.User
	at com.yobing.shirospringboot.shiro.realm.UpmsRealm.doGetAuthorizationInfo(UpmsRealm.java:52) ~[classes/:na]
	at org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:341) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:462) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:458) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:223) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.ModularRealmAuthorizer.checkPermission(ModularRealmAuthorizer.java:322) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.mgt.AuthorizingSecurityManager.checkPermission(AuthorizingSecurityManager.java:137) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.subject.support.DelegatingSubject.checkPermission(DelegatingSubject.java:209) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.aop.PermissionAnnotationHandler.assertAuthorized(PermissionAnnotationHandler.java:74) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:84) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.aop.AnnotationsAuthorizingMethodInterceptor.assertAuthorized(AnnotationsAuthorizingMethodInterceptor.java:100) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.authz.aop.AuthorizingMethodInterceptor.invoke(AuthorizingMethodInterceptor.java:38) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.spring.security.interceptor.AopAllianceAnnotationsAuthorizingMethodInterceptor.invoke(AopAllianceAnnotationsAuthorizingMethodInterceptor.java:115) ~[shiro-spring-1.4.0.jar:1.4.0]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) ~[spring-aop-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at com.yobing.shirospringboot.controller.ProductController$$EnhancerBySpringCGLIB$$382af930.toAdd(<generated>) ~[classes/:na]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_121]
	at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:635) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) ~[spring-webmvc-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-embed-websocket-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387) ~[shiro-core-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) ~[shiro-web-1.4.0.jar:1.4.0]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123) ~[druid-1.1.9.jar:1.1.9]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) ~[tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.5.23.jar:8.5.23]
	at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]

shiro redis doReadSession too many times

我阅读了以下您的解决方案，有一个问题想请教一下，这里doReadSession的时候从ThreadLocal获取，不会出现redis里面的session已经被更新过或者已经删除，而ThreadLocal还是旧的情况吗？

RedisSessionDAO.java#L124-L179

关于shiro subject共享问题

cache做了负载均衡之后,两次的请求subject不是同一个线程之内的,如何保持一致?

Clear cache would clear all session data from redis, too?

Hi Alex,

I think this line would clear all redis data (including session data) when cache is cleared by shire cache management, which is not expected.
https://github.com/alexxiyang/shiro-redis/blame/master/src/main/java/org/crazycake/shiro/RedisCache.java#L132

I didn't verify it, but it doesn't look correct to me.

Thanks,
Peter

可用性问题

RedisSessionDao完全依赖于redis，如果redis挂掉了，或者本来redis就没有启动，那么该组件会导致项目全部不可用。所以考虑一下可用性。

1、确保单机一定可用：

private static Logger logger = LoggerFactory.getLogger(SessionCache.class);
private String keyPrefix = "shiro_redis_session:";

private final CacheClusterClient cacheClusterClient;
private final int timeOut ;

public SessionCache(CacheClusterClient cacheClusterClient, int timeOut) {
    this.cacheClusterClient = cacheClusterClient;
    this.timeOut = timeOut;
}

/**
 * 读取session
 *
 * @param sessionId
 * @return
 */
public Session readSession(Serializable sessionId) {
    try {
        return sessionCache.get(sessionId);
    } catch (Exception e) {
        return null;
    }
}

/**
 * 保存session
 *
 * @param session
 */
public void saveSession(Session session) {
    if(session == null || session.getId() == null){
        logger.error("session or session id is null");
        return;
    }
    byte[] key = getKey(session.getId());
    byte[] value = SerializeUtil.serialize(session);
    session.setTimeout(timeOut * 1000);
    try{
        cacheClusterClient.set(key, value);
        cacheClusterClient.expire(key,timeOut);
    } catch (Exception e) {
        logger.error("###########Redis Connect Failed###########", e);
        //save to local
        sessionCache.put(session.getId(),session);
    }
}

/**
 * 作废session
 *
 * @param sessionId
 */
public void invalid(Serializable sessionId) {
    sessionCache.invalidate(sessionId);
    try{
        cacheClusterClient.del(getKey(sessionId));
    } catch (Exception e) {
        logger.error("###########Redis Connect Failed###########", e);
    }
}

/**
 * 所有活动的session
 *
 * @return
 */
public Collection<Session> getActive() {
    return sessionCache.asMap().values();
}

/////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

private LoadingCache<Serializable,Session> sessionCache = CacheBuilder.newBuilder()
        .maximumSize(100)//设置缓存最大容量为100
        .expireAfterWrite(10, TimeUnit.MINUTES)//设置写缓存后30分钟过期，过期后会触发removalListener
        .concurrencyLevel(4)//并发级别为4，并发级别是指可以同时写缓存的线程数
        .removalListener(new RemovalListener<Object, Object>() {//这段代码可以移除
            @Override
            public void onRemoval(RemovalNotification<Object, Object> notification) {
                logger.debug("session was removed with key" + notification.getKey() + " cause is :" + notification.getCause());
            }
        })
        .build(new CacheLoader<Serializable,Session>() {//如果缓存中根据Key没有取到值，那么执行这里面的操作了
            @Override
            public Session load(Serializable key) throws Exception {
                return readRedis(key);//当返回null的时候会抛异常，CacheLoader.InvalidCacheLoadException
            }
        });


private byte[] getKey(Serializable sessionId){
    String preKey = this.keyPrefix + sessionId;
    return SerializeUtil.serialize(preKey);
}

private Session readRedis(Serializable sessionId) {
    if(sessionId == null){
        logger.error("session id is null");
        return null;
    }
    try {
        byte[] key = getKey(sessionId);
        byte[] value = cacheClusterClient.get(key);
        if(value == null) return null;
        Session s = (Session) SerializeUtil.deserialize(value);
        return s;
    } catch (Exception e) {
        logger.error("Redis Connect Failed! Read Err!",e);
    }
    return null;
}

2、提升redis组件本身的可用性：

这个可以 redis的一些cluster的方案，这里不做衍生。

session.getAttribute("residentLogin")是null，但是redis里已经保存了？

"\xac\xed\x00\x05sr\x00org.apache.shiro.session.mgt.SimpleSession\x9d\x1c\xa1\xb8\xd5\x8cbn\x03\x00\x00xpw\x02\x00\xdbt\x00$abe11d9f-a0e1-494e-963d-14b677928b83sr\x00\x0ejava.util.Datehj\x81\x01KYt\x19\x03\x00\x00xpw\b\x00\x00\x01_\xa5.+\xdaxsq\x00~\x00\x03w\b\x00\x00\x01_\xa5./mxw\x13\x00\x00\x00\x00\x00\x1bw@\x00\t127.0.0.1sr\x00\x11java.util.HashMap\x05\a\xda\xc1\xc3\x16`\xd1\x03\x00\x02F\x00\nloadFactorI\x00\tthresholdxp?@\x00\x00\x00\x00\x00\x01w\b\x00\x00\x00\x02\x00\x00\x00\x02t\x00\bdeviceIdt\x00\x0f357612081944192t\x00\rresidentLoginsr\x00/com.lansent.howjoy.domain.func.bo.ResidentLoginC\x99\x96\xf7\xee\x8a\xf9\xd6\x02\x00\x13L\x00\tcheckFlagt\x00\x13Ljava/lang/Integer;L\x00\x0censureAmountt\x00\x12Ljava/lang/String;L\x00\rheaderImagUrlq\x00~\x00\rL\x00\thouseCodeq\x00~\x00\rL\x00\x02idq\x00~\x00\rL\x00\x0eidentificationq\x00~\x00\rL\x00\x0eisImRegisteredq\x00~\x00\x0cL\x00\x12lastLoginEquipmentq\x00~\x00\x0cL\x00\x0bloginNumberq\x00~\x00\rL\x00\nloginTokenq\x00~\x00\rL\x00\x04moodq\x00~\x00\rL\x00\x0bnewDeviceIdq\x00~\x00\rL\x00\bnicknameq\x00~\x00\rL\x00\bpasswordq\x00~\x00\rL\x00\x0cregisterDatet\x00\x10Ljava/util/Date;L\x00\x0cresidentNameq\x00~\x00\rL\x00\nresidentidq\x00~\x00\x0cL\x00\x06typeIdq\x00~\x00\x0cL\x00\tvalidFlagq\x00~\x00\x0cxr\x00"com.lansent.howjoy.domain.BasePage\xa2\x93\xa7\x9d\x10='\xa5\x02\x00\x04I\x00\x04pageI\x00\bpageSizeL\x00\x11baseBlockCodeListt\x00\x10Ljava/util/List;L\x00\x0borderFiledsq\x00~\x00\rxp\x00\x00\x00\x00\x00\x00\x00\x00sr\x00\x13java.util.ArrayListx\x81\xd2\x1d\x99\xc7a\x9d\x03\x00\x01I\x00\x04sizexp\x00\x00\x00\x01w\x04\x00\x00\x00\x01t\x00\n1101050002xpsr\x00\x11java.lang.Integer\x12\xe2\xa0\xa4\xf7\x81\x878\x02\x00\x01I\x00\x05valuexr\x00\x10java.lang.Number\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00xp\x00\x00\x00\x00t\x00 4e2dd20c3367fba2984741fee20c490bppt\x00 5cbfa2f1993bed71e050a10a7e1c785ct\x00\x1213062119720917661Xsq\x00~\x00\x15\x00\x00\x00\x01sq\x00~\x00\x15\x00\x00\x00\x02t\x00\x0b13681378388t\x00\x0f357612081944192ppt\x00\x0b136***8388t\x00 E10ADC3949BA59ABBE56E057F20F883Esq\x00~\x00\x03w\b\x00\x00\x01_lF\x1b\x89xt\x00\t\xe9\xad\x8f\xe8\x90\xa5\xe6\x94\xbfsq\x00~\x00\x15\a\xefN\x84q\x00~\x00\x1bq\x00~\x00\x1bxx"

这是redis中存储的结果，但是我java里取出来是null？
这个问题并不总是发生，30分钟左右出现一次。

Spring+Hibernate ,logout 后org.apache.shiro.session.UnknownSessionException: There is no session with id

项目中的hibernate配置OpenSessionInViewFilter后，shiro logout后，会出现org.apache.shiro.session.UnknownSessionException: There is no session with id，因为session已经被删除了，找不到对应的session，可以考虑，delete()时不把session删除，只清空session中的对应数据

org.crazycake.shiro.RedisCache.size() 返回数量可能不符合期望的问题

public int size() {
	Long longSize = new Long(redisManager.dbSize());
	return longSize.intValue();
}

你直接用的 redis commonds dbsize,如果别的程序也有在使用这个 redis 库，那么 size() 的返回明显不对，比如我使用的就是 redis 集群，以下为个人修改。

public int size() {
      String pattern = "*";

      RedisFuture<List<byte[]>> future = conn.keys(keySerialize(pattern));

      try {
          List<byte[]> list = future.get();

          return list.size();
      } catch (InterruptedException | ExecutionException e) {
          throw new CacheException(e.getMessage(), e);
      }
  }

@Cacheable无效问题

您好，请问下，将shiro-redis在spring boot中集合后，Spring的@cacheble注解无效？查了下，但是不知道怎么解决，能帮忙看下么？

https://stackoverflow.com/questions/21512791/spring-service-with-cacheable-methods-gets-initialized-without-cache-when-autowi

RedisSessionDAO 设置过期时间不起作用，还是按照shiro本身默认半个小时就失效了

@bean
public RedisSessionDAO redisSessionDAO(){
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(redisManager());
//存储一天
redisSessionDAO.setExpire(606024);
return redisSessionDAO;
}

系列化问题

按照你的方式去做，老是报系列化错误，不知道怎么解决？望指教
java.lang.Exception: Failed to serialize
at org.crazycake.shiro.SerializeUtils.serialize(SerializeUtils.java:78)
at org.crazycake.shiro.RedisCache.put(RedisCache.java:109)
at org.apache.shiro.realm.AuthenticatingRealm.cacheAuthenticationInfoIfPossible(AuthenticatingRealm.java:515)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:571)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at cn.cafebar.web.login.action.LoginAction.login(LoginAction.java:66)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:175)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:446)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:434)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:938)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:870)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:863)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:409)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1044)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:722)
Caused by: java.io.NotSerializableException: org.apache.shiro.util.SimpleByteSource
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1180)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1528)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1493)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1416)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1174)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:346)
at org.crazycake.shiro.SerializeUtils.serialize(SerializeUtils.java:73)
... 59 more

如何与spring boot 整合？

一样的实现

我在项目开发中也实现了shiro的redis集群，发现了simplesession序列化会有问题，因为此类属性基本带有transient修饰词，必须使用此类自己实现的readObject和writeObject方法，在性能和大小考虑小，我使用了原生方式，fst方式，fastjson方式，kryo方式实现。另外，一个redis带来了单点，必然会出现单点故障。

用redis实现shiro cache后发现redis操作非常频繁,一个请求可能出现10次左右的redis io,请问这个怎么解决呢?

主要是这个方法调用非常频繁

    @SuppressWarnings("unchecked")
    @Override
    public V get(K key) throws CacheException {
        byte[] result = redis.hget(cacheName.getBytes(), serialize(key));
        return (V) deserialize(result);
    }

通过在这个方法打断点,查看调用栈,发现大部分时候都是被"session.getAttribute(key)"这个方法调用.

想问下能不能有什么办法可以减少redis io调用呢?

已知版本 2.8.24 RedisCacheManager 缓存用户权限不正确。

缓存用户权限信息永远只有一条缓存记录，多角色情况下会出现权限复盖

分布式系统中的使用问题

manager用ConcurrentMap来管理所有的cache,在分布式系统中,怎么保证两个节点上的ConcurrentMap是同步的?

java.lang.ClassCastException: com.github.flowerwrong.admin.shiro.CustomUser cannot be cast to com.github.flowerwrong.admin.shiro.CustomUser

经过测试发现，如果new SimpleAuthenticationInfo(sysUser, hashedPassword, getName())第一个参数是对象的时候，java.lang.ClassCastException异常，看了下打印出来是subject.getPrincipal().getClass() == 'CustomUser'，而不是Object。如果new SimpleAuthenticationInfo(username, hashedPassword, getName()) 第一个参数改成string，就可以正常使用。猜想是不是redis序列号有问题。

  /**
   * 认证
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
      throws AuthenticationException {
    UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
    String username = token.getUsername();

    SysUser sysUser = userMapperExt.selectOneByExample(
        new SysUserExample().createCriteria().andUsernameEqualTo(username).example());

    if (sysUser == null) {
      throw new UnknownAccountException(); // 没找到帐号
    }
    if (sysUser.getCanLoginOrNot().equals(0)) {
      throw new LockedAccountException(); // 帐号锁定
    }

    String hashedPassword = sysUser.getPassword();
    return new SimpleAuthenticationInfo(sysUser, hashedPassword, getName());
  }

项目源码

出错地点

shiro-redis从2.4升级到3.0后报错

错误信息如下
org.crazycake.shiro.exception.PrincipalInstanceException: Principal must implement org.crazycake.shiro.AuthCachePrincipal.
shiro-redis will get the key for store authorization object in Redis from org.crazycake.shiro.AuthCachePrincipal
So please use AuthCachePrincipal to tell shiro-redis how to get the cache key
For example: There is a class UserInfo which implements org.crazycake.shiro.AuthCachePrincipal. You can use this class to initial SimpleAuthenticationInfo like this:
UserInfo userInfo = new userInfo();
new SimpleAuthenticationInfo(userInfo, "123456", "realm1")
at org.crazycake.shiro.RedisCache.getRedisKeyFromPrincipalCollection(RedisCache.java:134) ~[shiro-redis-3.0.0.jar:na]
at org.crazycake.shiro.RedisCache.getStringRedisKey(RedisCache.java:123) ~[shiro-redis-3.0.0.jar:na]
at org.crazycake.shiro.RedisCache.getRedisCacheKey(RedisCache.java:112) ~[shiro-redis-3.0.0.jar:na]
at org.crazycake.shiro.RedisCache.get(RedisCache.java:61) ~[shiro-redis-3.0.0.jar:na]
at org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:328) ~[shiro-core-1.3.2.jar:1.3.2]
at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:462) ~[shiro-core-1.3.2.jar:1.3.2]
at org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:458) ~[shiro-core-1.3.2.jar:1.3.2]
at org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:223) ~[shiro-core-1.3.2.jar:1.3.2]

开启授权缓存，发现只缓存了一条

你重写了RedisCache类，调用了getRedisKeyFromPrincipalCollection方法，传来了PrincipalCollection对象，但是这里面返回授权的key只是这种形式shiro:cache:shiro#Authorization:com.thorgene.common.shiro.UsernamePasswordRealm_0
导致，登录不同的账号，授权信息只缓存到了第一个登录的账号

`
private Object getRedisKeyFromPrincipalCollection(PrincipalCollection key) {
Object redisKey;
List realmNames = getRealmNames(key);
Collections.sort(realmNames);
redisKey = joinRealmNames(realmNames);
return redisKey;
}

Will this work correctly if RedisSessionDAO is not set

Will this work correctly if RedisSessionDAO is not used, just the RedisManager and RedisCacheManager are initialized and set as the cache manager for shiro ?

关于使用shiro-redis的会话管理的问题

现在需要通过session监听进行会话管理，但是配置的RedisManager的过期不能触发shiro的会话过期，设置shiro的过期也不能自动完成redis的缓存更新

nginx集群subject共享

请问怎么实现nginx集群情况下，不同服务器（如tomcat）的session和subject的权限共享

org.crazycake.shiro.RedisManager。可不可以支持注入jedisPool，而不是自己产生一个jedisPool实例。

/**
	 * 初始化方法
	 */
	public void init(){
		if(jedisPool == null){
			if(password != null && !"".equals(password)){
				jedisPool = new JedisPool(new JedisPoolConfig(), host, port, timeout, password);
			}else if(timeout != 0){
				jedisPool = new JedisPool(new JedisPoolConfig(), host, port,timeout);
			}else{
				jedisPool = new JedisPool(new JedisPoolConfig(), host, port);
			}
			
		}
	}

增加redis的database配置

目前并没有redis的database配置
`/**
* 初始化方法
*/
public void init(){
if(jedisPool == null){
if(password != null && !"".equals(password)){
jedisPool = new JedisPool(new JedisPoolConfig(), host, port, timeout, password);
}else if(timeout != 0){
jedisPool = new JedisPool(new JedisPoolConfig(), host, port,timeout);
}else{
jedisPool = new JedisPool(new JedisPoolConfig(), host, port);
}

	}
}`

3.0版本 RedisSessionDAO sessionsInThread 问题

ThreadLocal sessionsInThread 无 remove 调用。如果一直是新线程将会耗费大量内存。如果是线程池的情况将有可能获取上一次的上下文

如果是解决单次调用多次使用调用doReadSession的问题建议还是与 request 关联上

redis集群

redis目前部署的是集群，3个节点， 3个不同的端口
RedisManager redisManager = new RedisManager();
redisManager.setHost(host);
redisManager.setPort(port);
redisManager.setExpire(1800);// 配置缓存过期时间
redisManager.setTimeout(timeout);

这个地方的host和port如何配置呢，谢谢

实现权限和认证缓存的原理是什么，如果要实现登录退出时清除缓存该如何实现？

作者你好，因为本人对redis不是很熟，直接采用该框架确实方便了很多。如标题所述，我想实现退出时清除登录时的认证和授权，请问该如何实现，希望能点拨一下，我再去研究，谢谢！

增加redis后多次执行update session

测试中我发现shiro自身会多次获取缓存的数据执行updateSession方法，有什么好的解决办法吗？

非常感谢您提供的解决方案

与CAS结合使用貌似不行

不知道有没有考虑认证后返回SimpleAuthenticationInfo时与CAS结合使用的问题，我没有找到好的方法，不知道作者有何解决方案？

怎么配置实现shiro 的认证缓存

如题

序列化问题

请问大家是否有遇到SimpleSession的反序列化问题？session里边放置了一个整数。
虽然可以序列化，但是不能正常的反序列化，请问大家谁遇到了

关于 SimpleSession 几个关键transient字段的序列化问题

你好，我想问一下,对于shiro SimpleSession类，有下面
private transient Serializable id;
private transient Date startTimestamp;
private transient Date stopTimestamp;
private transient Date lastAccessTime;
private transient long timeout;
private transient boolean expired;
private transient String host;
private transient Map<Object, Object> attributes;
字段都是 transient 的，作者也给了讨论经历：
// ==============================================================
// NOTICE:
//
// The following fields are marked as transient to avoid double-serialization.
// They are in fact serialized (even though 'transient' usually indicates otherwise),
// but they are serialized explicitly via the writeObject and readObject implementations
// in this class.
//
// If we didn't declare them as transient, the out.defaultWriteObject(); call in writeObject would
// serialize all non-transient fields as well, effectively doubly serializing the fields (also
// doubling the serialization size).
//
// This finding, with discussion, was covered here:
//
// http://mail-archives.apache.org/mod_mbox/shiro-user/201109.mbox/%[email protected]%3E
//
// ==============================================================
加上这个，是为了避免二次序列化，如果用redis来存储的话，应该会无视transient特性，这样会不会违背作者的意图？
版本是shiro-core-1.4.0

spring 版本问题

在spring4.0.7.RELEASE下运行正常，切换到4.1.4.RELEASE发现如下异常：
Caused by: java.lang.ClassCastException: java.util.LinkedList cannot be cast to org.apache.shiro.session.Session
at org.crazycake.shiro.RedisSessionDAO.getActiveSessions(RedisSessionDAO.java:66)
at org.apache.shiro.session.mgt.DefaultSessionManager.getActiveSessions(DefaultSessionManager.java:244)
at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.validateSessions(AbstractValidatingSessionManager.java:276)
at org.apache.shiro.session.mgt.quartz.QuartzSessionValidationJob.execute(QuartzSessionValidationJob.java:80)
at org.quartz.core.JobRunShell.run(JobRunShell.java:223)

org.crazycake.shiro.RedisCache.keys() 返回键值不匹配的问题

如果使用其他对象（比如 java.util.Date）做 K ，那么keys() 返回的K结果集只是字符串而已，并非是我想要的K

关于 shiro-redis的2点建议或者疑问

@alexxiyang
由于没法回邮件。只好在这里交流一下。
我是从2.4.2.1-RELEASE开始用贵框架的

关于 shiro-redis的2点建议或者疑问
1.关于AuthCachePrincipal 接口。定义一个接口固然比较好
但同时导致对原有代码有一定的侵入性。能不能考虑如果实现了AuthCachePrincipal 则以AuthCachePrincipal 为准
如果没有实现AuthCachePrincipal 接口。则通过默认反射 getId() getUniqeId() getCode(）之类的固定方法来实现
获取凭证的唯一标识。或者支持 setAuthCacheKeyMethod 这样不至于需要修改原来的代码。只需要修改配置或者shiro相关配置代码即可
2.我不知道出于什么原因最近发布的版本中把从 session中获取过期时间改成 RedisSessionDAO.setExpire
我觉得可以保留RedisSessionDAO.setExpire 如果没有主动 setExpire 还是以 session中的gettimeout为准会好一些
shiro-redis 作为 shiro 缓存以及session共享持久的补充。最好是设置尽量以shiro中的设置为准。当然可以支持shiro-redis独立设置。在保持shiro固有的用法上添加 shiro-redis独有的支持。

当下spring boot 盛行。是否可以考虑支持starter 这样cachemanager 或者 sessiondao都可以得到一定的简化

principalIdFieldName 属性应用问题

在整合期间，只要操作涉及到权限都会报以下错误：
class java.lang.String must has getter for field: authCacheKey or id We need a field to identify this Cache Object in Redis. So you need to defined an id field which you can get unique id to identify this principal. For example, if you use UserInfo as Principal class, the id field maybe userId, userName, email, etc. For example, getUserId(), getUserName(), getEmail(), etc. Default value is authCacheKey or id, that means your principal object has a method called "getAuthCacheKey()" or "getId()"
能否解答一下这个属性设置时需要注意什么，该属性有什么用处。

在线人数统计

请问把session保存在redis里，做在线人数统计怎么做？