1. 首頁
  2. 問答
  3. 當會話過期時,Spring MVC會將用戶重定向到登錄頁面

當會話過期時,Spring MVC會將用戶重定向到登錄頁面

2014-04-21 112 views
2

我的控制器中存儲了一個用戶bean,作爲@SessionAttributes({"UserBean"})當會話過期時,Spring MVC會將用戶重定向到登錄頁面

我的目標是在會話過期時將用戶重定向到登錄/錯誤頁面。以下是我的代碼片段

@RequestMapping(value = "searchOpportunity.htm", method = RequestMethod.GET) 
     public ModelAndView searchOpportunity(@ModelAttribute("UserBean") UserBean userBean) { 
      functionName = "searchOpportunity"; 
      logger.info("HERE !!! In "+className+" - "+functionName+" "); 
      System.out.println("HERE !!! In "+className+" - "+functionName+" "); 

      try 
      { 

      if(userBean==null) 
      { 
       System.out.println(userBean); 
       return new ModelAndView("userLogout", "command", null); 
      } 
      } 


      catch(Exception e) 
      { 
       e.printStackTrace(); 
      } 
      return new ModelAndView("opportunity/opportunitySearch", "command", new SearchOpportunityBean()); 

     }

但是,當會話過期時,出現以下錯誤。

org.apache.catalina.core.StandardWrapperValve invoke 
SEVERE: Servlet.service() for servlet mintDispatcher threw exception 
org.springframework.web.HttpSessionRequiredException: Session attribute 'UserBean' required - not found in session 
    at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter$ServletHandlerMethodInvoker.raiseSessionRequiredException(AnnotationMethodHandlerAdapter.java:761) 
    at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveModelAttribute(HandlerMethodInvoker.java:758) 
    at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveHandlerArguments(HandlerMethodInvoker.java:356) 
    at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:171) 
    at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:436) 
    at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:424) 
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790) 
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719) 
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644) 
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) 
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) 
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) 
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) 
    at java.lang.Thread.run(Unknown Source)

似乎控制器代碼永遠不會執行,如果userbean過期。是什麼原因 ? 什麼是解決方案?

來源

2014-04-21 Abhishek Singh

+0

入住這http://stackoverflow.com/a/5841795/2182351 – Mani

回答

2

你爲什麼不用Spring Security來試試這個?

<sec:session-management invalid-session-url="/login"> 
     <sec:concurrency-control expired-url="/login" /> 
</sec:session-management>

當用戶的會話過期或無效時,這將重定向到/登錄頁面。

編號:http://docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity.html

來源

2014-04-23 14:35:31 Pantelis

+0

我不熟悉的春季安全。請給我一些很好的參考資料,我很難理解文檔 –

+0

請檢查以下示例:https://blog.trifork.com/2014/02/28/session-timeout-and-concurrent-session-control -with - 彈簧 - 安全和彈簧-MVC / – Pantelis

0

您可以通過HandlerInterceptorAdapter的幫助下做到這一點。如果執行鏈應繼續執行下一個攔截器或處理程序(控制器)本身,則preHandle()方法應返回true。否則,DispatcherServlet假定這個攔截器已經處理了響應本身。

public class YourInterceptor extends HandlerInterceptorAdapter { 
     public boolean preHandle(HttpServletRequest request, 
      HttpServletResponse response, Object handler) throws Exception { 
      UserBean userBean = (UserBean) WebUtils.getSessionAttribute(request, "UserBean"); 
      if(userBean == null){ 
       //whatever you want to do 
       return throw new ModelAndViewDefiningException(new ModelAndView("userLogout", "command", null)); 
      }else{ 
       return true; 
      } 
     } 
    }

,並指定這個攔截器在處理程序映射定義爲:

<bean id="yourInterceptor" class="package.YourInterceptor"/> 
    <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> 
      <property name="order" value="1" /> 
      <property name="interceptors"> 
       <list> 
        <ref bean="yourInterceptor" /> 
       </list> 
      </property> 
      <property name="mappings"> 
       <props> 
        <prop key="/searchOpportunity.htm">YourController</prop>  
       </props> 
      </property> 
     </bean>

來源

2014-04-23 15:18:52 Prasad

相關問題

 相關問題