我在我的 Controller 中将一个用户 bean 作为 @SessionAttributes({"UserBean"}) 存储在 session 中。
我的目标是在 session 过期时将用户重定向到登录/错误页面。以下是我的代码片段
@RequestMapping(value = "searchOpportunity.htm", method = RequestMethod.GET)
public ModelAndView searchOpportunity(@ModelAttribute("UserBean") UserBean userBean) {
functionName = "searchOpportunity";
logger.info("HERE !!! In " + className + " - " + functionName + " ");
System.out.println("HERE !!! In " + className + " - " + functionName + " ");
try {
if (userBean == null) {
System.out.println(userBean);
return new ModelAndView("userLogout", "command", null);
}
} catch (Exception e) {
e.printStackTrace();
}
return new ModelAndView("opportunity/opportunitySearch", "command", new SearchOpportunityBean());
}
然而,当 session 过期时,我收到以下错误。
org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet mintDispatcher threw exception
org.springframework.web.HttpSessionRequiredException: Session attribute 'UserBean' required - not found in session
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter$ServletHandlerMethodInvoker.raiseSessionRequiredException(AnnotationMethodHandlerAdapter.java:761)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveModelAttribute(HandlerMethodInvoker.java:758)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.resolveHandlerArguments(HandlerMethodInvoker.java:356)
at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:171)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:436)
at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:424)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Unknown Source)
如果 userbean 过期, Controller 代码似乎永远不会执行。是什么原因 ? 有什么解决方案?
最佳答案
为什么不使用 Spring Security 来尝试一下呢?
<sec:session-management invalid-session-url="/login">
<sec:concurrency-control expired-url="/login" />
</sec:session-management>
当用户 session 过期或无效时,这将重定向到/login 页面。
引用:http://docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity.html
关于java - 一旦 session 过期,Spring MVC 将用户重定向到登录页面,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23195795/