问题描述
我使用的是 Shiro 1.7.1 和 Guice 4.2.3,下面是我的 POM 文件的片段,
<properties>
<shiro.version>1.7.1</shiro.version>
<guice.version>4.2.3</guice.version>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-guice</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
<version>${guice.version}</version>
</dependency>
<dependency>
<groupId>com.google.inject.extensions</groupId>
<artifactId>guice-servlet</artifactId>
<version>${guice.version}</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
...
</dependencies>
我正在通过创建一个新类来自定义 Shiro 的 logoutFilter,
package com.myshiro.myshiro;
import org.apache.shiro.web.filter.authc.logoutFilter;
public class MylogoutFilter extends logoutFilter {
}
并将org.apache.shiro.web.filter.authc.logoutFilter绑定到上面自定义的MylogoutFilter,
package com.myshiro.myshiro;
public class MyShiroModule extends ShiroWebModule {
public MyShiroModule(ServletContext servletContext) {
super(servletContext);
}
protected void configureShiroWeb() {
try {
bindRealm().toConstructor(IniRealm.class.getConstructor(Ini.class));
} catch (NoSuchMethodException e) {
addError(e);
}
bind(org.apache.shiro.web.filter.authc.logoutFilter.class).to(MylogoutFilter.class).in(Scopes.SINGLetoN);
addFilterChain("/logout",logoUT);
}
}
我尝试在单元测试类中像这样创建 Guice 注入器,
public class MyShiroModuleTest {
@Mock
private ServletContext servletContext;
@Test
public void test() {
Guice.createInjector(new MyShiroModule(servletContext));
}
}
它因以下错误而失败,
1) Binding to null instances is not allowed. Use toProvider(Providers.of(null)) if this is your intended behavIoUr.
at org.apache.shiro.guice.web.ShiroWebModule.configureShiro(ShiroWebModule.java:136)
2) A binding to org.apache.shiro.web.filter.authc.logoutFilter was already configured at com.myshiro.myshiro.MyShiroModule.configureShiroWeb(MyShiroModule.java:25).
at org.apache.shiro.guice.web.ShiroWebModule.setupFilterChainConfigs(ShiroWebModule.java:209)
从上面的第二个注释中,它解释了与 org.apache.shiro.web.filter.authc.logoutFilter 的绑定已经在 MyShiroModule 和 ShiroWebModule 中配置。你知道如何绑定到我自定义的 logoutFilter 吗?
这个问题在 Shiro 1.3.x 中没有发生。
我的示例项目可用 here,您只需在 mvn clean install 时就可以看到错误。
解决方法
听起来您的问题与 Guice 4 有关,而与 Shiro 无关。与其重复使用相同的绑定键,不如定义一个新的绑定键,例如:
bind(MyLogoutFilter.class).to(MyLogoutFilter.class).in(Scopes.SINGLETON);
addFilterChain("/logout",Key.get(MyLogoutFilter.class));