gpt4 book ai didi

java - 在 AuthenticationSuccessHandler 中设置 session 范围的对象

转载 作者:搜寻专家 更新时间:2023-10-31 20:27:21 29 4
gpt4 key购买 nike

(编辑澄清)我有一个 POJO (SessionStorage) 来存储 session 特定数据,我想在成功验证后填充这些数据。由于我将 Scope 设置为“session”,我期望 MainController 和 AuthenticationSuccesshandler 使用相同的对象实例。

当我运行 WebApp 时,主 Controller 启动一个实例(如预期的那样),但是当我登录时,AuthenticationSuccesshandler 似乎没有 Autowiring SessionStorage 对象,因为它抛出 NullPointerException。

如何让它做我想做的事?以下是我的代码摘录:

@Component
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS)
public class SessionStorage implements Serializable{
long id;
public int getId() {
return id;
}

public SessionStorage() {
System.out.println("New Session Storage");
id = System.currentTimeMillis();
}
}

主 Controller 如下所示:

@Controller
@Scope("request")
@RequestMapping("/")
public class MainController {
@Autowired
private SessionStorage sessionStorage;

@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(
@RequestParam(value = "error", required = false) String error,
@RequestParam(value = "logout", required = false) String logout) {

System.out.println(sessionStorage.getId()); //Works fine

ModelAndView model = new ModelAndView();
if (error != null) {
model.addObject("error", "Invalid username and password!");
}

if (logout != null) {
model.addObject("msg", "You've been logged out successfully.");
}
model.setViewName("login");
return model;
}
}

AuthentificationSuccesshandler(抛出错误的地方):

public class AuthentificationSuccessHandler implements AuthenticationSuccessHandler {

@Autowired
private SessionStorage sessionStorage;

@Override
public void onAuthenticationSuccess(HttpServletRequest hsr, HttpServletResponse hsr1, Authentication a) throws IOException, ServletException {
System.out.println("Authentication successful: " + a.getName());
System.out.println(sessionStorage.getId()); //NullPointerException
}
}

spring-security.xml相关部分:

<beans:bean id="authentificationFailureHandler" class="service.AuthentificationFailureHandler" />
<beans:bean id="authentificationSuccessHandler" class="service.AuthentificationSuccessHandler" />
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/secure/**" access="hasRole('USER')" />


<form-login
login-page="/login"
default-target-url="/index"
authentication-failure-handler-ref="authentificationFailureHandler"
authentication-failure-url="/login?error"
authentication-success-handler-ref="authentificationSuccessHandler"
username-parameter="username"
password-parameter="password" />
<logout logout-success-url="/login?logout" />
<!-- enable csrf protection -->
<csrf/>
</http>

web-xml:

<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

最佳答案

这个问题很旧,但在 Google 中显示为指向我的问题的第一个链接。

我发现最有效的修复方法是在自定义 AuthenticationSuccessHandler 上设置范围。

@Component
@Scope(value="session", proxyMode = ScopedProxyMode.TARGET_CLASS)

可在此处找到更多详细信息: https://tuhrig.de/making-a-spring-bean-session-scoped/

关于java - 在 AuthenticationSuccessHandler 中设置 session 范围的对象,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30697202/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com