Java 一旦会话过期,Spring MVC将用户重定向到登录页面
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23195795/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Spring MVC redirect user to login page once session is expired
提问by Abhishek Singh
I have stored a user bean in session as @SessionAttributes({"UserBean"})in my controller.
我已经在会话中存储了一个用户 bean,就像@SessionAttributes({"UserBean"})在我的控制器中一样。
My aim is to redirect user to login/error page if session is expired. Following is my code snippet
我的目标是在会话过期时将用户重定向到登录/错误页面。以下是我的代码片段
@RequestMapping(value = "searchOpportunity.htm", method = RequestMethod.GET)
public ModelAndView searchOpportunity(@ModelAttribute("UserBean") UserBean userBean) {
functionName = "searchOpportunity";
logger.info("HERE !!! In " + className + " - " + functionName + " ");
System.out.println("HERE !!! In " + className + " - " + functionName + " ");
try {
if (userBean == null) {
System.out.println(userBean);
return new ModelAndView("userLogout", "command", null);
}
} catch (Exception e) {
e.printStackTrace();
}
return new ModelAndView("opportunity/opportunitySearch", "command", new SearchOpportunityBean());
}
However when the session is expired i get the following error.
但是,当会话过期时,我收到以下错误。
org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet mintDispatcher threw exception
org.springframework.web.HttpSessionRequiredException: Session attribute 'UserBean' required - not found in session
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter$ServletHandlerMethodInvoker.raiseSessionRequiredException(AnnotationMethodHandlerAdapter.java:761)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveModelAttribute(HandlerMethodInvoker.java:758)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveHandlerArguments(HandlerMethodInvoker.java:356)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:171)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:436)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:424)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Unknown Source)
Seems like the controller code is never executed if userbean is expired. What is the reason ? What can be a solution ?
如果 userbean 过期,似乎永远不会执行控制器代码。是什么原因 ?有什么办法可以解决?
回答by Pantelis Papapoulias
Why don't you try this with Spring Security?
为什么不试试 Spring Security 呢?
<sec:session-management invalid-session-url="/login">
<sec:concurrency-control expired-url="/login" />
</sec:session-management>
This will redirect to /login page when the user's session is expired or invalid.
当用户的会话过期或无效时,这将重定向到 /login 页面。
Ref: http://docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity.html
参考:http: //docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity.html
回答by Prasad
You can do it by the help of HandlerInterceptorAdapter. The preHandle() method should return true if the execution chain should proceed with the next interceptor or the handler( your controller) itself. Else, DispatcherServlet assumes that this interceptor has already dealt with the response itself.
您可以在 HandlerInterceptorAdapter 的帮助下完成。如果执行链应继续下一个拦截器或处理程序(您的控制器)本身,则 preHandle() 方法应返回 true。否则, DispatcherServlet 假设这个拦截器已经处理了响应本身。
public class YourInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
UserBean userBean = (UserBean) WebUtils.getSessionAttribute(request, "UserBean");
if(userBean == null){
//whatever you want to do
return throw new ModelAndViewDefiningException(new ModelAndView("userLogout", "command", null));
}else{
return true;
}
}
}
and specify this interceptor in your handler mapping definitions as:
并在您的处理程序映射定义中将此拦截器指定为:
<bean id="yourInterceptor" class="package.YourInterceptor"/>
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="order" value="1" />
<property name="interceptors">
<list>
<ref bean="yourInterceptor" />
</list>
</property>
<property name="mappings">
<props>
<prop key="/searchOpportunity.htm">YourController</prop>
</props>
</property>
</bean>
