shiro 1.2.2和1.2.3
为shiro设置了缓存,但是当服务器运行几个小时后,页面判断
<shiro:hasPermission name="admin">
<li class="mail">有权限
</li>
</shiro:hasPermission>
一直未显示。重新登陆也无效。判断问题应该是,实际缓存失效了,但是框架仍然认为有效。
尝试无效办法
(1)
倘若把shiro对应的ehcache配置文章,该掉设置,
timeToIdleSeconds="10"
timeToLiveSeconds="10"
该问题依旧出现。但出问题频次减少
(2)在application-shiro里面添加
<bean id="sessionManager"
class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
<!-- 超时时间 -->
<property name="globalSessionTimeout" value="3600" />
<property name="sessionDAO" ref="sessionDAO" />
<!-- 定时检查失效的session -->
<property name="sessionValidationSchedulerEnabled" value="true" />
</bean>
<bean id="sessionDAO"
class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
<property name="activeSessionsCacheName" value="shiro-activeSessionCache" />
</bean>
依旧没用
google到 http://stackoverflow.com/questions/17657283/cache-invalidate-not-working-in-shiro
(3)验证权限的时候,主动清除缓存。
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { ... SimplePrincipalCollection principals = new SimplePrincipalCollection(username, "jndiJdbcRealm"); super.doClearCache(principals); ...}
最后,在日志里面发现
15:31:24.379 [main] DEBUG o.a.shiro.realm.AuthorizingRealm - No authorizationCache instance set. Checking for a cacheManager...
15:31:24.379 [main] INFO o.a.shiro.realm.AuthorizingRealm - No cache or cacheManager properties have been set. Authorization cache cannot be obtained.
15:31:24.405 [main] DEBUG o.a.s.s.LifecycleBeanPostProcessor - Initializing bean [shiroEhcacheManager]...
在shiroDbRealm里面添加这一句
<property name="cacheManager" ref="shiroEhcacheManager" />
问题解决