Can't Use Shiro's Subject in Spring Decorator Controller
https://stackoverflow.com/questions/12585956
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm using Spring with Shiro, and in my Spring project I have a decorator controller that displays a decorator page via sitemesh. The decorator page adds onto every page navigation links, like login and logout.
I want login and logout to appear based on whether someone is actually logged in or not, so I figured the way to do that was this:
@Controller
public class DecoratorController extends AbstractController{
@Override
@RequestMapping(value = "/decorator.htm")
protected ModelAndView handleRequestInternal(HttpServletRequest request,
HttpServletResponse response) throws Exception {
ModelAndView model = new ModelAndView("DecoratorPage");
Subject currentUser = SecurityUtils.getSubject();
if (currentUser.isAuthenticated())
model.addObject("login", "display: none;");
else
model.addObject("logout", "display: none;");
return model;
}
}
sitemesh.xml:
<sitemesh>
<mapping path="/*.htm" decorator="/decorator.htm"/>
</sitemesh>
However, this results in the error:
No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an invalid application configuration.
Why can't I use Shiro here but I can use it in other controllers?
La solution
Coworker discovered that the problem lies in the order that the beans are created. Definition of Shiro filter should appear before defining Sitemesh.
