编程语言
首页 > 编程语言> > java-Spring MVC处理会话已过期

java-Spring MVC处理会话已过期

作者:互联网

我正在使用Jboss EAP 6.2,Java EE 6和Spring MVC 4.0.2.
当会话过期时,我要执行页面重定向.

我已经开发了弹簧拦截器

@Component
public class SessionExpiredInterceptor extends HandlerInterceptorAdapter {


    static final Logger logger = Logger.getLogger(SessionExpiredInterceptor.class);
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
     final HttpSession session = request.getSession(false);
         if ( session == null || session.isNew() ) {
             ConfigurationProperties confProp = ConfigurationProperties.getInstance();
             logger.info("Sessione scaduta, redirect home page");
             request.getSession(true);
             response.sendRedirect(request.getContextPath() + "/" + 
                     confProp.getInstance().getProperty("session.expired.redirect"));
         } 
        return true;

    }
}

但我有以下看法:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.navigator': Scope 'session' is not active for the current thread; consider defining a scoped proxy for this bean if you intend to refer to it from a singleton; nested exception is java.lang.IllegalStateException: JBWEB000043: Cannot create a session after the response has been committed
    org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:353)
    org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:195)
    org.springframework.aop.target.SimpleBeanTargetSource.getTarget(SimpleBeanTargetSource.java:35)
    org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.getTarget(CglibAopProxy.java:676)
    org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:627)
    it.lispa.sire.finanziamentionline.web.mvc.model.Navigator$$EnhancerBySpringCGLIB$$b6b810e.addNavigationMessages(<generated>)
    it.lispa.sire.finanziamentionline.web.mvc.UserSessionInterceptor.preHandle(UserSessionInterceptor.java:91)
    org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130)
    org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:939)
    org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:876)
    org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
    org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:734)
    org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
JBWEB000071: root cause

java.lang.IllegalStateException: JBWEB000043: Cannot create a session after the response has been committed
    org.apache.catalina.connector.Request.doGetSession(Request.java:2627)
    org.apache.catalina.connector.Request.getSession(Request.java:2361)
    org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:790)
    org.springframework.web.context.request.ServletRequestAttributes.getSession(ServletRequestAttributes.java:79)
    org.springframework.web.context.request.ServletRequestAttributes.getSessionMutex(ServletRequestAttributes.java:212)
    org.springframework.web.context.request.SessionScope.get(SessionScope.java:91)
    org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:338)
    org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:195)
    org.springframework.aop.target.SimpleBeanTargetSource.getTarget(SimpleBeanTargetSource.java:35)
    org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.getTarget(CglibAopProxy.java:676)
    org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:627)
    it.lispa.sire.finanziamentionline.web.mvc.model.Navigator$$EnhancerBySpringCGLIB$$b6b810e.addNavigationMessages(<generated>)
    it.lispa.sire.finanziamentionline.web.mvc.UserSessionInterceptor.preHandle(UserSessionInterceptor.java:91)
    org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130)
    org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:939)
    org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:876)
    org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
    org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:734)
    org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:847)

导航器bean被注入到@Controller和其他Interceptor中.

这是一个使用Navigator bean的拦截器:

    @Component
    public class UserSessionInterceptor extends HandlerInterceptorAdapter {

        @Autowired
        private Navigator navigator;


        static final Logger logger = Logger.getLogger(UserSessionInterceptor.class.getName());

        public static ConfigurationProperties getAuthenticationProps() throws IOException {
            return ConfigurationProperties.getInstance();
        }

        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { 
...}
}

以下是spring.xml中的拦截器配置

<mvc:interceptor>
    <mvc:mapping path="/**"/>
    <mvc:exclude-mapping path="/static/**" />
    <mvc:exclude-mapping path="/index.jsp" />
    <mvc:exclude-mapping path="/logout" />
    <mvc:exclude-mapping path="/ajax-logout" />
    <bean class="it.lispa.sire.finanziamentionline.web.mvc.SessionExpiredInterceptor" />
</mvc:interceptor> 


<mvc:interceptor>
    <mvc:mapping path="/home"/>
    <mvc:exclude-mapping path="/static/**" />
    <mvc:exclude-mapping path="/logout" />
    <mvc:exclude-mapping path="/ajax-logout" />
    <bean class="it.lispa.sire.finanziamentionline.web.mvc.UserSessionInterceptor"/>
</mvc:interceptor> 

你能帮助我吗?
谢谢.

解决方法:

这里发生的是SessionExpiredInterceptor在UserSessionInterceptor之前起作用.如果它检测到会话是新的,它将执行重定向

response.sendRedirect(request.getContextPath() + "/" + 
    confProp.getInstance().getProperty("session.expired.redirect"));

重定向后,您基本上已经声明您已经完成了对请求的处理并发送了响应(301状态码).但是,相反,在您的代码中,您从preHandle返回true,这向DispatcherServlet指示它应继续处理请求,执行其他拦截器并最终到达@Controller.

你不要这个在if块中,在sendRedirect之后返回false.

标签:session-timeout,session,spring,java,spring-mvc
来源: https://codeday.me/bug/20191029/1959430.html