Java 会话过期后,SpringMVC将用户重定向到登录页面
我已将会话中的用户bean存储为控制器中的Java 会话过期后,SpringMVC将用户重定向到登录页面,java,spring,spring-mvc,session-variables,session-timeout,Java,Spring,Spring Mvc,Session Variables,Session Timeout,我已将会话中的用户bean存储为控制器中的@SessionAttributes({“UserBean”}) 我的目标是在会话过期时将用户重定向到登录/错误页面。下面是我的代码片段 @RequestMapping(value = "searchOpportunity.htm", method = RequestMethod.GET) public ModelAndView searchOpportunity(@ModelAttribute("UserBean") UserBean userBean
@SessionAttributes({“UserBean”})
我的目标是在会话过期时将用户重定向到登录/错误页面。下面是我的代码片段
@RequestMapping(value = "searchOpportunity.htm", method = RequestMethod.GET)
public ModelAndView searchOpportunity(@ModelAttribute("UserBean") UserBean userBean) {
functionName = "searchOpportunity";
logger.info("HERE !!! In " + className + " - " + functionName + " ");
System.out.println("HERE !!! In " + className + " - " + functionName + " ");
try {
if (userBean == null) {
System.out.println(userBean);
return new ModelAndView("userLogout", "command", null);
}
} catch (Exception e) {
e.printStackTrace();
}
return new ModelAndView("opportunity/opportunitySearch", "command", new SearchOpportunityBean());
}
然而,当会话过期时,我得到以下错误
org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet mintDispatcher threw exception
org.springframework.web.HttpSessionRequiredException: Session attribute 'UserBean' required - not found in session
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter$ServletHandlerMethodInvoker.raiseSessionRequiredException(AnnotationMethodHandlerAdapter.java:761)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveModelAttribute(HandlerMethodInvoker.java:758)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveHandlerArguments(HandlerMethodInvoker.java:356)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:171)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:436)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:424)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Unknown Source)
如果userbean过期,控制器代码似乎永远不会执行。原因是什么?
什么是解决方案?为什么不尝试使用Spring Security
<sec:session-management invalid-session-url="/login">
<sec:concurrency-control expired-url="/login" />
</sec:session-management>
当用户会话过期或无效时,这将重定向到/login页面
参考:您可以在HandlerInterceptorAdapter的帮助下完成。如果执行链继续执行下一个拦截器或处理程序(您的控制器)本身,则preHandle()方法应返回true。否则,DispatcherServlet假定这个拦截器已经处理了响应本身
public class YourInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
UserBean userBean = (UserBean) WebUtils.getSessionAttribute(request, "UserBean");
if(userBean == null){
//whatever you want to do
return throw new ModelAndViewDefiningException(new ModelAndView("userLogout", "command", null));
}else{
return true;
}
}
}
并在处理程序映射定义中指定此拦截器,如下所示:
<bean id="yourInterceptor" class="package.YourInterceptor"/>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="order" value="1" />
<property name="interceptors">
<list>
<ref bean="yourInterceptor" />
</list>
</property>
<property name="mappings">
<props>
<prop key="/searchOpportunity.htm">YourController</prop>
</props>
</property>
</bean>
你的控制器
检查此项我不熟悉Spring Security。请给我一些好的参考资料,我很难理解文档请查看以下示例: