我創建了一個簡單的會話在Spring 3.1作用域bean。它應該給我方便地訪問公司的當前登錄用戶。不保留在Spring會話bean數據
@Component
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
public class SessionData {
private Company company;
public Company getCompany() {
return company;
}
public void setCompany(Company company) {
this.company = company;
}
}
我在我的自定義身份驗證提供程序的authenticate()方法中使用公司填充此bean。
@Component(value = "authenticationProvider")
public class ProduxAuthenticationProvider implements AuthenticationProvider {
private SessionData sessionData;
private CompanyService companyService;
@Autowired
public ProduxAuthenticationProvider(SessionData sessionData, CompanyService companyService) {
this.sessionData = sessionData;
this.companyService = companyService;
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// Authentication logic (token creation) removed for readability....
Company company = companyService.findByUserProfile(profile);
// Set company on session bean
sessionData.setCompany(company);
return token;
}
}
然後我試圖訪問ManagementHomeController中的公司字段,它在驗證成功完成後運行。
@Controller
@RequestMapping(value = "/manage/home")
public class ManagementHomeController {
private CourseService userService;
private CompanyService companyService;
private SessionData sessionData;
@Autowired
public ManagementHomeController(CourseService userService, CompanyService companyService, SessionData sessionData) {
this.userService = userService;
this.companyService = companyService;
this.sessionData = sessionData;
}
@RequestMapping(method = RequestMethod.GET)
public String get(Model model) {
model.addAttribute("mainContent", "content/managementHome");
// sessionData.company is null here! Object id is same as in ProduxAuthenticationProvider
return "main";
}
}
不知何故,在ManagementHomeController中SessionData的公司字段爲空,但它是同一個對象。我可以看到,由於sessionData的對象ID是ProduxAuthenticationProvider和ManagementHomeController相同。
任何想法,爲什麼SessionData一路上失去它的公司?
你能否證實誰調用ProduxAuthenticationProvider,它是通過任何機會的過濾器來註冊RequestContextListener? –
你好六必居,是的,它可能是一個彈簧過濾器。我在web.xml中聲明瞭org.springframework.web.filter.DelegatingFilterProxy以使安全工作。 – Julius