CAS+Shiro custom pac4jRealm will repeat the doGetAuthorizationInfo () twice every time you judge the permission.

the code is as follows: 

public class UserRealm extends Pac4jRealm(){
  
  @Override
  public AuthorizationInfo  doGetAuthorizationInfo(PrincipalCollection principals) {
    // TODO Auto-generated method stub
    System.out.println("Onece");
    Set<String> roles=new HashSet()<>;
    roles.add("admin");
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    authorizationInfo.setRoles(roles);
    return authorizationInfo ;
}

there is a method in the controller layer 

    @RequestMapping("/hello2")
    @ResponseBody
    public String hello2() {
        SecurityUtils.getSubject().checkRoles("user");
        return "success";
    }

when executing chekRoles, the doGetAuthorizationInfo () method is executed but two "Onece" are printed. What is the reason for this?

Shiro cas
Mar.09,2021

I'm sorry to give the answer to the question now (please correct my wrong opinion only) my point of view is not necessarily correct for reference only:
this question is actually clearer under a different title: that is, the Spring Aop annotation is executed twice and the method body is executed once!
using CGLIB dynamic proxy in my business scenario to process intercept through DynamicAdvisedInterceptor is the aop processing entry:
contains four parameters, the first is the proxy method, the second is the target method, the third is the method parameter, the fourth is the method proxy information 

    @Override
    public Object intercept(Object proxy, Method method, Object[] args, MethodProxy methodProxy) throws Throwable {
        Object oldProxy = null;
        boolean setProxyContext = false;
        Class<?> targetClass = null;
        Object target = null;
        try {
            if (this.advised.exposeProxy) {
                // Make invocation available if necessary.
                oldProxy = AopContext.setCurrentProxy(proxy);
                setProxyContext = true;
            }
            // May be null. Get as late as possible to minimize the time we
            // "own" the target, in case it comes from a pool...
            target = getTarget();
            if (target != null) {
                targetClass = target.getClass();
            }
            List<Object> chain = this.advised.getInterceptorsAndDynamicInterceptionAdvice(method, targetClass);
            Object retVal;
            // Check whether we only have one InvokerInterceptor: that is,
            // no real advice, but just reflective invocation of the target.
            if (chain.isEmpty() && Modifier.isPublic(method.getModifiers())) {
                // We can skip creating a MethodInvocation: just invoke the target directly.
                // Note that the final invoker must be an InvokerInterceptor, so we know
                // it does nothing but a reflective operation on the target, and no hot
                // swapping or fancy proxying.
                Object[] argsToUse = AopProxyUtils.adaptArgumentsIfNecessary(method, args);
                retVal = methodProxy.invoke(target, argsToUse);
            }
            else {
                // We need to create a method invocation...
                retVal = new CglibMethodInvocation(proxy, target, method, args, targetClass, chain, methodProxy).proceed();
            }
            retVal = processReturnType(proxy, target, method, retVal);
            return retVal;
        }
        finally {
            if (target != null) {
                releaseTarget(target);
            }
            if (setProxyContext) {
                // Restore old proxy.
                AopContext.setCurrentProxy(oldProxy);
            }
        }
    }

find out the reason for the appearance of bug through the break point:

clipboard.png
!!!

clipboard.png
!!!

clipboard.png
currently my pub-shiro project relies on the pub-datasource module and the pub-datasource module uses 

@Aspect
@EnableAspectJAutoProxy(exposeProxy=true,proxyTargetClass=true)
@Component

I used the cglib proxy and then injected the DefaultAdvisorAutoProxyCreator agent into the shiroConfig. There is a difference between the two agents and the reason for this problem. I have also come to the answer in my research that the answer will be updated
this question is that the Spring Aop annotation is executed twice and the method body is executed once! Agent 1, Agent 2, and Agent 2, the real method! This is why the permission verification method is executed twice in shiro and the real method body is executed once

I also execute it twice. Have you solved it?

check whether DefaultAdvisorAutoProxyCreator, is configured. As I say on the Internet, the doGetAuthorizationInfo () method will also be called twice. It is normal to remove the Bean definition of DefaultAdvisorAutoProxyCreator. You can try!

Previous: How does php get the value of the penultimate element of the array?

Next: Github pages is bound to the domain name, so I can't log on my blog directly.

css mysql arrays josn react html typescript webpack npm sass R objective-c .net sql-server jquery python-3.x angularjs django angular excel regex iphone ajax linux xml pandas vba spring database wordpress string wpf xcode windows bash postgresql oracle multithreading eclipse list firebase algorithm macos forms image scala visual-studio azure bootstrap spring-boot react-native python-2.7 docker performance function winforms matlab powershell apache dataframe api sqlite numpy rest shell selenium flutter dart maven loops qt swing android-studio csv express file class tensorflow sorting codeigniter perl
© 2021 CodesHelper
Advertising Contact us About us
Menu