SecurityUtils.getSubject().getPrincipal()为null的问题怎么解决

本篇内容主要讲解“SecurityUtils.getSubject().getPrincipal()为null的问题怎么解决”，感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷，实用性强。下面就让小编来带大家学习“SecurityUtils.getSubject().getPrincipal()为null的问题怎么解决”吧!

SecurityUtils.getSubject().getPrincipal()为null

我在项目中获取getUserId(),和getUserName()获取不到值。

他们都是通过SecurityUtils.getSubject().getPrincipal()去获取的。

反复测试发现原因是 ：在shiroConfig里面：

该方法，注意（是该接口名）被写为anon,不通过验证，即：

filterMap.put("/druid  public class StatelessSessionManager extends DefaultWEBSessionManager {            public final static String TOKEN_NAME = "TOKEN";            public final static String HEADER_TOKEN_NAME = "token";      public final static Logger LOG =         LoggerFactory.getLogger(StatelessSessionManager.class);        @Override      public Serializable getSessionId(SessionKey key) {          Serializable sessionId = key.getSessionId();          if(sessionId == null){              httpservletRequest request = WebUtils.getHttpRequest(key);              HttpServletResponse response = WebUtils.getHttpResponse(key);              sessionId = this.getSessionId(request,response);          }          HttpServletRequest request = WebUtils.getHttpRequest(key);          request.setAttribute(TOKEN_NAME,sessionId.toString());          return sessionId;      }        @Override      protected Serializable getSessionId(ServletRequest servletRequest, ServletResponse servletResponse) {          HttpServletRequest request = (HttpServletRequest) servletRequest;          String token = request.getHeader(HEADER_TOKEN_NAME);          if(token == null){              token = UUID.randomUUID().toString();          }            //这段代码还没有去查看其作用，但是这是其父类中所拥有的代码，重写完后我复制了过来...开始          request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE,                  ShiroHttpServletRequest.COOKIE_SESSION_ID_SOURCE);          request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, token);          request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);          request.setAttribute(ShiroHttpServletRequest.SESSION_ID_URL_REWRITING_ENABLED, isSessionIdUrlRewritingEnabled());          //这段代码还没有去查看其作用，但是这是其父类中所拥有的代码，重写完后我复制了过来...结束          return token;      }}     @RequestMapping("/")      public void login(@RequestParam("code")String code, HttpServletRequest request){          Map<String,Object> data = new HashMap<>();          if(SecurityUtils.getSubject().isAuthenticated()){  　　　　　　　　//这里代码着已经登陆成功，所以自然不用再次认证，直接从rquest中取出就行了，              data.put(StatelessSessionManager.HEADER_TOKEN_NAME,getServerToken());              data.put(BIND,ShiroKit.getUser().getTel() != null);              response(data);          }          LOG.info("授权码为:" + code);          AuthorizationService authorizationService = authorizationFactory.getAuthorizationService(Constant.clientType);          UserDetail authorization = authorizationService.authorization(code);            Oauth3UserDetail userDetail = (Oauth3UserDetail) authorization;            loginService.login(userDetail);          User user = userService.saveUser(userDetail,Constant.clientType.toString());          ShiroKit.getSession().setAttribute(ShiroKit.USER_DETAIL_KEY,userDetail);          ShiroKit.getSession().setAttribute(ShiroKit.USER_KEY,user);          data.put(BIND,user.getTel() != null);  　　　　//这里的代码，必须放到login之执行，因为login后，才会创建session，才会得到最新的token咯          data.put(StatelessSessionManager.HEADER_TOKEN_NAME,getServerToken());          response(data);      }}

import org.apache.shiro.mgt.SecurityManager;  import org.apache.shiro.realm.Realm;  import org.apache.shiro.spring.LifecycleBeanPostProcessor;  import org.apache.shiro.spring.web.ShiroFilterFactoryBean;  import org.apache.shiro.web.mgt.DefaultWebSecurityManager;  import org.springframework.context.annotation.Bean;  import org.springframework.context.annotation.Configuration;    import java.util.LinkedHashMap;  import java.util.Map;      @Configuration  public class ShiroConfiguration {        @Bean      public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){          return new LifecycleBeanPostProcessor();      }              @Bean      public SecurityManager securityManager(Realm realm){          DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();          securityManager.setSessionManager(new StatelessSessionManager());          securityManager.setRealm(realm);          return securityManager;      }        @Bean      public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){          ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();          bean.setSecurityManager(securityManager);            Map<String,String> map = new LinkedHashMap<>();          map.put("/public/**","anon");          map.put("/login/**","anon");          map.put("/**","user");          bean.setFilterChainDefinitionMap(map);            return bean;      }  }

到此，相信大家对“SecurityUtils.getSubject().getPrincipal()为null的问题怎么解决”有了更深的了解，不妨来实际操作一番吧！这里是编程网网站，更多相关内容可以进入相关频道进行查询，关注我们，继续学习！