shiro报错org.apache.shiro.UnavailableSecurityManagerException

org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager accessible to the calling code, either bound to the org.apache.shiro.util.ThreadContext or as a vm static singleton.  This is an invalid application configuration.at org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123)        at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627)        at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56)        at org.apache.jsp.view.public_._500_jsp._jspService(_500_jsp.java:146)        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:443)        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)        at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:726)        at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:471)        at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:394)        at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:311)        at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:168)        at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:303)        at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1244)        at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1027)        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:971)        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:966)        at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:868)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:842)

以上为maven项目部署在linux服务器的tomcat上时抛出的异常

shiro的官方论坛答案，传送门：

http://shiro-user.582556.n2.nabble.com/Do-you-have-to-SecurityUtils-setSecurityManager-in-a-web-app-to-use-shiro-tag-library-td7114798.html

Tomcat invokes the filter chain only on REQUEST dispatcher. It's a standard servlet thing, but I'm not sure if Jetty implements dispatchers at all or they just have a different default
（Tomcat调用filter过滤器是默认只拦截 REQUEST请求，这其实是符合servlet标准的，但jetty调用filter过滤器时会拦截所有请求）
例如我们的common.jsp被别的页面用<jsp:include>标签包含时，jetty下filter依然起作用，但tomcat可不理会，这样common.jsp里如果有shiro的jsp标签，这个标签会调用securityManager获取当前的用户对象，但由于shirofilter过滤器没起作用，会导致标签找不到上下文

解决方法：

<!-- Shiro Security filter--><filter><filter-name>shiroFilter</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class><init-param>    <param-name>targetFilterLifecycle</param-name>     <param-value>true</param-value>   </init-param></filter><filter-mapping><filter-name>shiroFilter</filter-name><url-pattern>/*</url-pattern><dispatcher>REQUEST</dispatcher><dispatcher>FORWARD</dispatcher><dispatcher>INCLUDE</dispatcher><dispatcher>ERROR</dispatcher></filter-mapping>

将<dispatcher/>标签内容添加到现有shiroFilter 里面就可以了，大致意思是强制这个过滤器过滤所有相关的请求