已经在ShiroWebModule中配置了org.apache.shiro.web.filter.authc.LogoutFilter

Question

我使用的是Shiro 1.7.1和Guice 4.2.3，下面是我的POM文件的片段。

  <properties>
    <shiro.version>1.7.1</shiro.version>
    <guice.version>4.2.3</guice.version>
  </properties>
  <dependencies>
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-web</artifactId>
      <version>${shiro.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-guice</artifactId>
      <version>${shiro.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-ehcache</artifactId>
      <version>${shiro.version}</version>
    </dependency>
    <dependency>
      <groupId>com.google.inject</groupId>
      <artifactId>guice</artifactId>
      <version>${guice.version}</version>
    </dependency>
    <dependency>
      <groupId>com.google.inject.extensions</groupId>
      <artifactId>guice-servlet</artifactId>
      <version>${guice.version}</version>
    </dependency>
    <dependency>
      <groupId>javax.servlet</groupId>
      <artifactId>javax.servlet-api</artifactId>
      <version>3.1.0</version>
      <scope>provided</scope>
    </dependency>
    ...
  </dependencies>

我正在通过创建一个新的类来定制Shiro的LogoutFilter，

package com.myshiro.myshiro;


import org.apache.shiro.web.filter.authc.LogoutFilter;

public class MyLogoutFilter extends LogoutFilter {
}

并将上述定制的MyLogoutFilter绑定org.apache.shiro.web.filter.authc.LogoutFilter，

package com.myshiro.myshiro;

public class MyShiroModule extends ShiroWebModule {

    public MyShiroModule(ServletContext servletContext) {
        super(servletContext);
    }

    protected void configureShiroWeb() {
        try {
            bindRealm().toConstructor(IniRealm.class.getConstructor(Ini.class));
        } catch (NoSuchMethodException e) {
            addError(e);
        }
        bind(org.apache.shiro.web.filter.authc.LogoutFilter.class).to(MyLogoutFilter.class).in(Scopes.SINGLETON);
        addFilterChain("/logout", LOGOUT);
    }
}

我尝试在单元测试类中创建Guice注入器，如下所示，

public class MyShiroModuleTest {

    @Mock
    private ServletContext servletContext;

    @Test
    public void test() {
        Guice.createInjector(new MyShiroModule(servletContext));
    }
}

它失败了，错误如下：

1) Binding to null instances is not allowed. Use toProvider(Providers.of(null)) if this is your intended behaviour.
  at org.apache.shiro.guice.web.ShiroWebModule.configureShiro(ShiroWebModule.java:136)

2) A binding to org.apache.shiro.web.filter.authc.LogoutFilter was already configured at com.myshiro.myshiro.MyShiroModule.configureShiroWeb(MyShiroModule.java:25).
  at org.apache.shiro.guice.web.ShiroWebModule.setupFilterChainConfigs(ShiroWebModule.java:209)

从上面的第二个注释中，它解释了到org.apache.shiro.web.filter.authc.LogoutFilter的绑定已经在MyShiroModule和ShiroWebModule中进行了配置。你知道如何绑定到我定制的LogoutFilter吗？

这个问题在Shiro 1.3.x中没有发生。

我的示例项目是可用的here，当您mvn clean install时，您可以简单地看到错误。

Answer 1

听起来你的问题是和Guice 4有关的，而不是Shiro。不是重用相同的绑定键，而是定义一个新的绑定键，如下所示：

bind(MyLogoutFilter.class).to(MyLogoutFilter.class).in(Scopes.SINGLETON);
addFilterChain("/logout", Key.get(MyLogoutFilter.class));