Java spring安全过滤器会阻止所有hibernate查询
我在JSF、spring、Hibernate和spring security中有一个应用程序,Hibernate层和数据库之间的交互很好,一旦spring安全层查询不呈现任何内容 有解决办法吗 我正在从hibernate配置文件创建SessionFactory web.xml中的过滤器:Java spring安全过滤器会阻止所有hibernate查询,java,spring,hibernate,spring-security,sessionfactory,Java,Spring,Hibernate,Spring Security,Sessionfactory,我在JSF、spring、Hibernate和spring security中有一个应用程序,Hibernate层和数据库之间的交互很好,一旦spring安全层查询不呈现任何内容 有解决办法吗 我正在从hibernate配置文件创建SessionFactory web.xml中的过滤器: !-- Spring Security --> <filter> <filter-name>springSecurityFilterChain</f
!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
package Util;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.cfg.AnnotationConfiguration;
import org.hibernate.cfg.Configuration;
import org.hibernate.service.ServiceRegistry;
import org.hibernate.service.ServiceRegistryBuilder;
public class HibernateUtil {
private static SessionFactory sessionFactory;
static {
try {
Configuration configuration = new AnnotationConfiguration();;
configuration.configure();
ServiceRegistry sr = new ServiceRegistryBuilder().applySettings(configuration.getProperties()).buildServiceRegistry();
sessionFactory = configuration.buildSessionFactory(sr);
} catch (Throwable ex) {
// Log the exception.
System.err.println("Initial SessionFactory creation failed." + ex);
throw new ExceptionInInitializerError(ex);
}
}
public static SessionFactory getSessionFactory() {
return sessionFactory;
}
}
@Transactional
公共类stufImp实现stufDAO,可序列化{
私有SessionFactory sf=HibernateUtil.getSessionFactory();
会议;
公共场所{
}
@凌驾
公共列表getAllstufs(){
session=sf.getCurrentSession();
session.beginTransaction();
List stufs=session.createQuery(“来自Stuf”).List();
session.getTransaction().commit();
System.out.println(“获取所有Stufs”);
返回stufs;
}
对于初学者,首先删除用于配置hibernate的HibernateTil,然后修复dao。您应该永远不要将
会话存储在实例变量中,至少在dao是单实例时是如此。(想象一下,如果出现两个并发请求,会发生什么,会话会发生什么!)
!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
package Util;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.cfg.AnnotationConfiguration;
import org.hibernate.cfg.Configuration;
import org.hibernate.service.ServiceRegistry;
import org.hibernate.service.ServiceRegistryBuilder;
public class HibernateUtil {
private static SessionFactory sessionFactory;
static {
try {
Configuration configuration = new AnnotationConfiguration();;
configuration.configure();
ServiceRegistry sr = new ServiceRegistryBuilder().applySettings(configuration.getProperties()).buildServiceRegistry();
sessionFactory = configuration.buildSessionFactory(sr);
} catch (Throwable ex) {
// Log the exception.
System.err.println("Initial SessionFactory creation failed." + ex);
throw new ExceptionInInitializerError(ex);
}
}
public static SessionFactory getSessionFactory() {
return sessionFactory;
}
}
要配置hibernateSessionFactory
,请使用spring中的LocalSessionFactoryBean
。(和中的详细信息)
您还需要事务管理器并启用注释驱动的事务
<bean id="transactionManager" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<property name="sessionFactory" ref="sessionFactory" />
</bean>
<tx:annotation-driven /> <!-- By default references 'transactionManager' -->
修改dao(请参阅)
@Transactional
公共类stufImp实现stufDAO,可序列化{
@自动连线
私人会话工厂sf;
@凌驾
公共列表getAllstufs(){
返回sf.getCurrentSession().createQuery(“来自Stuf”).list();
}
}
链接
在春季设置SessionFactory
实现daos
请参阅答案。您是否也可以发布基于hibernate和spring的配置。
@Transactional
public class stufImp implements stufDAO , Serializable {
@Autowired
private SessionFactory sf;
@Override
public List<Stuf> getAllstufs() {
return sf.getCurrentSession().createQuery("from Stuf").list();
}
}