org.apache.shiro.crypto.CryptoException: Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@4e025e0a].
    at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:462)
    at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:445)
    at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:390)
    at org.apache.shiro.crypto.JcaCipherService.decrypt(JcaCipherService.java:382)
    at org.apache.shiro.mgt.AbstractRememberMeManager.decrypt(AbstractRememberMeManager.java:482)
    at org.apache.shiro.mgt.AbstractRememberMeManager.convertBytesToPrincipals(AbstractRememberMeManager.java:419)
    at org.apache.shiro.mgt.AbstractRememberMeManager.getRememberedPrincipals(AbstractRememberMeManager.java:386)
    at org.apache.shiro.mgt.DefaultSecurityManager.getRememberedIdentity(DefaultSecurityManager.java:604)
    at org.apache.shiro.mgt.DefaultSecurityManager.resolvePrincipals(DefaultSecurityManager.java:492)
    at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:342)
    at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
    at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
    at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
    at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
    at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1747)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
    at com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:975)
    at com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1056)
    at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
    at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446)
    at javax.crypto.Cipher.doFinal(Cipher.java:2164)
    at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:459)
    ... 35 more

每次登陆都会报这个错误,尝试了很多次都没解决,代码重编译后清除浏览器cookie登陆就会出现这个报错,虽然不影响登陆但是看着很不爽!!!!

问题产生的原因是rememberMe的cookie在第二次打开页面后shiro无法解密,经过查询资料以及代码跟踪发现了原因所在

先附上rememberMe管理器配置

    @Bean
    public CookieRememberMeManager cookieRememberMeManager() {
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
        simpleCookie.setMaxAge(259200000);
        cookieRememberMeManager.setCookie(simpleCookie);
        return cookieRememberMeManager;
    }

然后跟踪管理器源码发现,rememberMeManager继承了AbstractRememberMeManager,然而AbstractRememberMeManager的构造方法中每次都会重新生成对称加密密钥!!!!意味着每次重启程序都会重新生成一对加解密密钥!!!

    public AbstractRememberMeManager() {
        this.serializer = new DefaultSerializer<PrincipalCollection>();
        AesCipherService cipherService = new AesCipherService();
        this.cipherService = cipherService;
        setCipherKey(cipherService.generateNewKey().getEncoded());
    }

    public void setCipherKey(byte[] cipherKey) {
        //Since this method should only be used in symmetric ciphers
        //(where the enc and dec keys are the same), set it on both:
        setEncryptionCipherKey(cipherKey);
        setDecryptionCipherKey(cipherKey);
    }

这就会导致了,第一次启动程序shiro使用A密钥加密了cookie,第二次启动程序shiro重新生成了密钥B,当用户访问页面时,shiro会用密钥B去解密上一次用密钥A加密的cookie,导致解密失败,导致报错,所以这不影响用户登录操作(rememberMe失效罢了),所以这种异常只会在程序重启(shiro清除session)第一次打开页面的时候出现

解决办法:

既然每次重启都会重新生成一对密钥,那我们就手动设置一个加解密密钥,主动设置cipherkey!!xml配置方式

    <bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
        <property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('6ZmI6I2j5Y+R5aSn5ZOlAA==')}"/>
        <property name="cookie" ref="rememberCookie"/>     
    </bean>

 

Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@4e025e0a]的更多相关文章

  1. Unable to execute 'doFinal' with cipher instance

    今天项目启动后登录项目,突然爆出Unable to execute 'doFinal' with cipher instance错误.清除cookie登录测试,又不报错了,以前也见过类似问题,因为不影 ...

  2. IDEA算法导包后 import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey;报错

    仔细查看报错原因就能知道,报错是因为包冲突的原因,可以每种只放一个jar包,就能过避免这种错误. 例如:只导入commons-codec-1.11-javadoc,jar和bcprov-jdk15on ...

  3. javax.crypto.BadPaddingException: Given final block not properly padded 解决方法

    下面的 Des 加密解密代码,在加密时正常,但是在解密是抛出错误: javax.crypto.BadPaddingException: Given final block not properly p ...

  4. android AES 部分机器javax.crypto.BadPaddingException: pad block corrupted

    package com.bbguoxue.poetry.util; import java.security.SecureRandom; import javax.crypto.Cipher; imp ...

  5. javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher--转载

    原文地址:http://songjianyong.iteye.com/blog/1571029 /** * AESHelper.java * cn.com.songjy.test * * Functi ...

  6. java rsa 解密报:javax.crypto.BadPaddingException: Decryption error

    Exception in thread "main" javax.crypto.BadPaddingException: Decryption error    at sun.se ...

  7. Conversion to Dalvik format failed: Unable to execute dex: Multiple dex files define ...

    Conversion to Dalvik format failed: Unable to execute dex: Multiple dex files define ... 这个错误是因为有两个相 ...

  8. 导入项目时,有关[2016-04-03 20:38:02 - Dex Loader] Unable to execute dex: Multiple dex files 问题

    最近我在学习androidUI设计,在网上找了一个UI菜单界面开源代码示例,按照步骤导入项目,运行的时候控制台结果报了如下错误: [2016-04-03 20:38:02 - Dex Loader] ...

  9. Unable to execute dex: GC overhead limit exceeded

    Android打包时下面的错误: Unable to execute dex: GC overhead limit exceeded GC overhead limit exceeded 解决的方法: ...

随机推荐

  1. 谈谈网络分层和IP

    概述 在计算机网络这门课中,往往是将各层协议拆开一章一章的讲,每层协议是干嘛的,都各种怎么工作的.但如果有人问,这些协议之间怎么协调工作,有什么关系,往往处于懵逼状态. 网络分层 网络为什么分层,其实 ...

  2. Java调用Javascript、Python算法总结

    最近项目中经常需要将Javascript或者Python中的算法发布为服务,而发布Tomcat服务则需要在Java中调用这些算法,因此就不免要进行跨语言调用,即在Java程序中调用这些算法. 不管是调 ...

  3. vue防止按钮在短时间内被多次点击的方法

    vue组件 (function(){ let openDelay=false; Vue.directive('intervalclick', function(el,binding){ el.oncl ...

  4. 系统的讲解 - PHP 浮点数高精度运算

    目录 概述 浮点数运算的"锅" 任意精度数学函数 常用数值处理方案 扩展 小结 概述 记录下,工作中遇到的坑 ... 关于 PHP 浮点数运算,特别是金融行业.电子商务订单管理.数 ...

  5. ASP.NET Core2.2+Quartz.Net 实现web定时任务

    作为一枚后端程序狗,项目实践常遇到定时任务的工作,最容易想到的的思路就是利用Windows计划任务/wndows service程序/Crontab程序等主机方法在主机上部署定时任务程序/脚本. 但是 ...

  6. Java进阶篇之十五 ----- JDK1.8的Lambda、Stream和日期的使用详解(很详细)

    前言 本篇主要讲述是Java中JDK1.8的一些新语法特性使用,主要是Lambda.Stream和LocalDate日期的一些使用讲解. Lambda Lambda介绍 Lambda 表达式(lamb ...

  7. Gradle中的闭包

    Gradle是基于Groovy的DSL基础上的构建工具,Gradle中的闭包,其原型上实际上即Groovy中闭包.而在表现形式上,其实,Gradle更多的是以约定和基于约定基础上的配置去展现.但本质上 ...

  8. WPF 小小案列(同步异步)

    private void BtnButton_Click(object sender, RoutedEventArgs e) { MessageBox.Show("hello Word&qu ...

  9. Linq中 AsQueryable(), AsEnumerable()和ToList()的区别和用法

    Linq中 AsQueryable(), AsEnumerable()和ToList()的区别和用法:在写LINQ语句的时候,往往会看到AsEnumerable() ,AsQueryable() 和T ...

  10. mybatis一对一 和 一对多 嵌套查询

    实际项目中的,接口对外VO  会出现 一对一 和 一对多的情况,举例:小区 下面有 楼栋  ,楼栋 下面有 房屋    ,   房屋里面又房间 小区Vo  : districtVo { id: nam ...