Java getAllPrinciples（）返回空列表

我已将我的spring security配置如下：

根上下文

        <import resource="classpath:springConfig.xml" />
    <import resource="appServlet/servlet-context.xml" />
    <import resource="appServlet/spring-security.xml" />

    <bean id="InitializationService"
        class="kh.com.gfam.rsos.businesslogic.initialization.impl.InitializationServiceImpl">
    </bean>



    <bean id="messageSource"
        class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
        <property name="basename" value="classpath:messages_en"></property>
        <property name="defaultEncoding" value="UTF-8"></property>
    </bean>

    <!-- Custom Spring Security -->

    <bean id="companyIdUsernamePasswordAuthenticationProvider"
        class="kh.com.gfam.rsos.common.security.RsosAuthenticationProvider" />

    <bean id="companyIdUsernamePasswordAuthenticationFilter"
        class="kh.com.gfam.rsos.common.security.RsosUsernamePasswordAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="sessionAuthenticationStrategy" ref="sas" />
        <property name="authenticationFailureHandler" ref="authenticationFailureHandler" />
        <property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />
        <property name="filterProcessesUrl" value="/Authenticate" />
    </bean>

    <bean id="loginUrlAuthenticationEntryPoint"
        class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
        <constructor-arg value="/Login" />
    </bean>

    <bean id="authenticationFailureHandler"
        class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
        <property name="defaultFailureUrl" value="/Login/defaultError" />
        <property name="exceptionMappings">
            <props>
                <prop
                    key="org.springframework.security.authentication.BadCredentialsException">
                    /Login/badCredentials
                </prop>
                <prop
                    key="org.springframework.security.core.userdetails.UsernameNotFoundException">
                    /Login/userNotFound
                </prop>
                <prop
                    key="org.springframework.security.authentication.DisabledException">
                    /Login/disabled
                </prop>
                <prop
                    key="org.springframework.security.authentication.ProviderNotFoundException">
                    /Login/providerNotFound
                </prop>
                <prop
                    key="org.springframework.security.authentication.AuthenticationServiceException">
                    /Login/authenticationService
                </prop>
            </props>
        </property>
    </bean>

    <bean id="authenticationSuccessHandler"
        class="kh.com.gfam.rsos.common.security.RsosAuthenticationSuccessHandler">
    </bean>

    <bean id="RsosLogoutSuccessHandler"
        class="kh.com.gfam.rsos.common.security.RsosLogoutSucessHandler"></bean>

    <bean id="concurrencyFilter"
        class="org.springframework.security.web.session.ConcurrentSessionFilter">
        <constructor-arg name="sessionRegistry" ref="sessionRegistry" />
        <constructor-arg name="expiredUrl" value="/session-expired.jsp" />

    </bean>

    <bean id="sessionRegistry"
        class="org.springframework.security.core.session.SessionRegistryImpl" />

    <bean id="sas"
        class="org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy">
        <constructor-arg>
            <list>
                <bean
                    class="org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy">
                    <constructor-arg ref="sessionRegistry" />
                    <property name="maximumSessions" value="1" />
                    <property name="exceptionIfMaximumExceeded" value="true" />
                </bean>
                <bean
                    class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy" />
                <bean
                    class="org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy">
                    <constructor-arg ref="sessionRegistry" />
                </bean>
            </list>
        </constructor-arg>
    </bean>

/登录/注销凭据
/登录名/userNotFound
/登录/禁用
/登录名/提供者未找到
/登录/认证服务

spring-security.xml

<http auto-config="false" use-expressions="true"
        entry-point-ref="loginUrlAuthenticationEntryPoint">  
        <intercept-url pattern="/Admin/**" access="hasRole('ROLE_ADMIN')" />
        <intercept-url pattern="/Concierge/**" access="hasRole('ROLE_USER')" />
        <intercept-url pattern="/**" access="permitAll" />
        <custom-filter position="FORM_LOGIN_FILTER"
            ref="companyIdUsernamePasswordAuthenticationFilter" />  
        <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
        <logout logout-url="/Logout" delete-cookies="true"
            invalidate-session="true" success-handler-ref="RsosLogoutSuccessHandler" />
        <csrf disabled="true" />
        <session-management invalid-session-url="/Login"
            session-authentication-strategy-ref="sas" />

        <access-denied-handler error-page="/accessDenied" />
    </http>

    <global-method-security secured-annotations="enabled" />

    <authentication-manager alias="authenticationManager">
        <authentication-provider
            ref="companyIdUsernamePasswordAuthenticationProvider" />  
    </authentication-manager>

web.xml

<context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/root-context.xml</param-value>
    </context-param>

    <context-param>
        <param-name>webAppRootKey</param-name>
        <param-value>webapp.root</param-value>
    </context-param>
    <context-param>
        <param-name>log4jExposeWebAppRoot</param-name>
        <param-value>true</param-value>
    </context-param>
    <context-param>
        <param-name>log4jConfigLocation</param-name>
        <param-value>/WEB-INF/classes/log4j.properties</param-value>
    </context-param>
    <listener>
        <listener-class>org.springframework.web.util.WebAppRootListener</listener-class>
    </listener>
    <listener>
        <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
    </listener> 
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>

    <listener>
        <listener-class>kh.com.gfam.rsos.listener.InitializeApplicationListner</listener-class>
    </listener>

    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value>
        </init-param>
        <multipart-config>
            <max-file-size>10485760</max-file-size>
            <max-request-size>104857600</max-request-size>
            <file-size-threshold>20971520</file-size-threshold>
        </multipart-config>
    </servlet>



    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>*.css</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>*.js</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>*.png</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>*.jpg</url-pattern>
    </servlet-mapping>
    <servlet>
        <description></description>
        <display-name>GetImageController</display-name>
        <servlet-name>GetImageController</servlet-name>
        <servlet-class>kh.com.gfam.rsos.presentation.controller.GetImage.GetImageController</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>GetImageController</servlet-name>
        <url-pattern>/GetImageController</url-pattern>
    </servlet-mapping>

    <filter>
        <filter-name>CharacterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <init-param>
            <param-name>forceEncoding</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CharacterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <listener>
        <listener-class>
            org.springframework.security.web.session.HttpSessionEventPublisher
        </listener-class>
    </listener>

    <session-config>
        <session-timeout>30</session-timeout>
    </session-config>

    <error-page>
        <error-code>404</error-code>
        <location>/WEB-INF/views/error_pages/404.jsp</location>
    </error-page>

    <error-page>
        <error-code>405</error-code>
        <location>/WEB-INF/views/error_pages/405.jsp</location>
    </error-page>

    <error-page>
        <error-code>500</error-code>
        <location>/WEB-INF/views/error_pages/500.jsp</location>
    </error-page>

    <error-page>
        <error-code>400</error-code>
        <location>/WEB-INF/views/error_pages/400.jsp</location>
    </error-page>

    <error-page>
        <exception-type>java.lang.Throwable</exception-type>
        <location>/WEB-INF/views/error_pages/system_error.jsp</location>
    </error-page>

上下文配置位置
/WEB-INF/spring/root-context.xml
WebApprotKey
webapp.root
log4jExposeWebAppRoot
真的
log4jConfigLocation
/WEB-INF/classes/log4j.properties
org.springframework.web.util.webapprotListener
org.springframework.web.util.Log4jConfigListener
org.springframework.web.context.ContextLoaderListener
kh.com.gfam.rsos.listener.InitializeApplicationListner
appServlet
org.springframework.web.servlet.DispatcherServlet
上下文配置位置
/WEB-INF/spring/appServlet/servlet-context.xml
10485760
104857600
20971520
appServlet
/
违约
*.css
违约
*.js
违约
*.png
违约
*jpg先生
GetImageController
GetImageController
kh.com.gfam.rsos.presentation.controller.GetImage.GetImageController
GetImageController
/GetImageController
字符编码滤波器
org.springframework.web.filter.CharacterEncodingFilter
编码
UTF-8
强制编码
真的
字符编码滤波器
/*
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
org.springframework.security.web.session.HttpSessionEventPublisher
30
404
/WEB-INF/views/error\u pages/404.jsp
405
/WEB-INF/views/error\u pages/405.jsp
500
/WEB-INF/views/error\u pages/500.jsp
400
/WEB-INF/views/error\u pages/400.jsp
java.lang.Throwable
/WEB-INF/views/error\u pages/system\u error.jsp

spring-config.xml

<mvc:annotation-driven />
    <mybatis-spring:scan base-package="kh.com.gfam.rsos.dataaccess.dao.**" />

    <bean id="dataSource"
        class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName" value="com.mysql.jdbc.Driver">
        </property>
        <property name="url" value="jdbc:mysql://localhost:3306/rsosdb">
        </property>
        <property name="username" value="admin"></property>
        <property name="password" value="gfam"></property>
    </bean>
    <bean id="propertyConfigurer"
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
        <property name="searchSystemEnvironment" value="true" />
        <property name="locations">
            <list>
                <value>classpath:application.properties</value>
                <value>classpath:messages_en.properties</value>
                <value>classpath:email.properties</value>
                <value>classpath:emailtemplate.properties</value>
            </list>
        </property>
        </bean>
    <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
        <property name="dataSource" ref="dataSource"></property>
        <property name="configLocation" value="classpath:mybatisConfig.xml">
        </property>
    </bean>

    <bean id="sqlSession" class="org.mybatis.spring.SqlSessionTemplate">
        <constructor-arg index="0" ref="sqlSessionFactory" />
    </bean>

    <bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
        <property name="basePackage" value="com.sivalabs.mybatisdemo.mappers" />
    </bean>

    <tx:annotation-driven transaction-manager="transactionManager" />

    <bean id="transactionManager"
        class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
        <property name="dataSource" ref="dataSource" />
    </bean>

    <bean id="multipartResolver"
        class="org.springframework.web.multipart.support.StandardServletMultipartResolver">
    </bean>

    <bean id="localeResolver"
        class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
        <property name="defaultLocale" value="en" />
        <property name="cookieName" value="myAppLocaleCookie"></property>
        <property name="cookieMaxAge" value="3600"></property>
    </bean>

    <!-- mail configuration -->
     <bean class="org.springframework.mail.javamail.JavaMailSenderImpl"
        id="mailSender">
        <property name="host" value="${email.host}" />
        <property name="protocol" value="${email.protocol}" />
        <property name="port" value="${email.port}" />
        <property name="username" value="${email.username}" />
        <property name="password" value="${email.password}" />
        <property name="javaMailProperties">
            <props>
                <prop key="mail.smtp.auth">true</prop>
                <prop key="mail.smtp.starttls.enable">true</prop>
                <prop key="mail.smtp.ssl.trust">${email.host}</prop>
            </props>
        </property>
    </bean> 

    <bean class="org.springframework.mail.SimpleMailMessage" id="orderRequestReceivedTemplate">
        <property name="subject" value="${email.subject.request.received}" />
        <property name="text" value="${email.text.request.received}" />
    </bean>

    <bean class="org.springframework.mail.SimpleMailMessage" id="cancelRequestRecievedTemplate">
        <property name="subject" value="${email.subject.request.canceled}" />
        <property name="text" value="${email.subject.request.canceled}" />
    </bean>
    <bean
        class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="warnLogCategory" value="apperror" />
        <property name="exceptionMappings">
            <props>
                <prop key="java.lang.Exception">error</prop>
            </props>
        </property>
    </bean>

类路径：application.properties
类路径：消息\u en.properties
类路径：email.properties
类路径：emailtemplate.properties
真的
真的
${email.host}
错误

servlet上下文

<!-- Enables the Spring MVC @Controller programming model -->
    <annotation-driven />

    <!-- Handles HTTP GET requests for /resources/** by efficiently serving 
        up static resources in the ${webappRoot}/resources directory -->
    <resources mapping="/resources/**" location="/resources/" />

    <!-- Resolves views selected for rendering by @Controllers to .jsp resources 
        in the /WEB-INF/views directory -->
    <beans:bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <beans:property name="prefix" value="/WEB-INF/views/" />
        <beans:property name="suffix" value=".jsp" />
    </beans:bean>
    <context:property-placeholder location="classpath:application.properties"
        order="1" ignore-unresolvable="true" />

    <context:component-scan base-package="kh.com.gfam.rsos" />
    <context:component-scan
        base-package="kh.com.gfam.rsos.businesslogic.initialization.impl" />
    <context:component-scan
        base-package="kh.com.gfam.rsos.businesslogic.displaymenuservice.impl" />
    <context:component-scan base-package="kh.com.gfam.rsos.common.util" />
    <context:component-scan base-package="kh.com.gfam.rsos.common.security" />
    <context:component-scan base-package="kh.com.gfam.rsos.presentation.controller" />

控制器中的代码

    List<Object> allPrincipals = sessionRegistry.getAllPrincipals();

    for(Object principal : allPrincipals) {
        if(principal instanceof UserDTO) {
            final UserDTO user = (UserDTO) principal;

            // Do something with user
            System.out.println(user);
        }
    }

List allPrincipals=sessionRegistry.getAllPrincipals（）；
for（对象主体：所有主体）{
if（UserDTO的主体实例）{
最终用户DTO用户=（用户DTO）主体；
//对用户做些什么
System.out.println（用户）；
}
}

当我试图在控制器中调用sessionRegistry.getAllPrincipals（）时，它总是返回空列表，并且我已经自动连接sessionRegistry，并重写了UserDTO类中的equal（）和hashCode（）方法，该方法也是从UserDetail实现的

---

我做错了什么

发布web.xml和由

DispatcherServlet

加载的上下文的xml。我猜您加载了两次所有内容，因此对未使用的

SessionRegistry

的引用错误。我编辑了我的帖子并添加了两个，您能指出错误吗？为什么要加载

servlet context.xml

两次？这基本上复制了所有的豆子。请添加该配置。目前信息不完整。我再次编辑我的帖子并将servlet上下文添加到其中，请检查。顺便说一句，这个配置是由我的团队触摸和编辑的，所以可能其中一个是将servlet上下文导入root context.xml。我很难理解您的配置，有很多重复（xml文件加载了两次，组件扫描了多次）。我建议启用调试日志记录，并检查启动期间发生的情况以及实例化类的频率。