原因是shiro登录时设置了rememberMe,而服务重启时浏览器还用之前保留的cookie请求服务端接口,报错:
org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@7ef11ea1]ShiroConfig配置文件中添加remeberMeManager配置:
@Bean
public CookieRememberMeManager rememberMeManager(SimpleCookie rememberMeCookie) {
CookieRememberMeManager manager = new CookieRememberMeManager();
manager.setCipherKey("1234567890123456".getBytes());
manager.setCookie(rememberMeCookie);
return manager;
}
/**
* 记住密码Cookie
*/
@Bean
public SimpleCookie rememberMeCookie() {
SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
simpleCookie.setHttpOnly(true);
simpleCookie.setMaxAge(30 * 24 * 60 * 60);
return simpleCookie;
}同时在securityManager中设置rememberMeManager:
@Bean
public DefaultWebSecurityManager securityManager(RedisManager redisManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(this.accountRealm());
securityManager.setCacheManager(redisCacheManager(redisManager));
securityManager.setRememberMeManager(rememberMeManager(rememberMeCookie()));
securityManager.setSessionManager(defaultWebSessionManager(redisManager));
securityManager.setSubjectFactory(this.subjectFactory());
return securityManager;
}重启服务之后正常。
注意:本文归作者所有,未经作者允许,不得转载
