使用 Spring-Security 实现 HttpSessionLister 时出现问题
[英]Problem while implementing HttpSessionLister with Spring-Security
问题描述
I am using Spring/Hibernate and Spring-Security for my web-based application.
我正在为我的基于 Web 的应用程序使用 Spring/Hibernate 和 Spring-Security。 Now I have a requirement where I need to perform some database query at sessionDestroy method of HtppSessionLister.现在我有一个要求,我需要在 HtppSessionLister 的 sessionDestroy 方法中执行一些数据库查询。
Inside web.xml :在 web.xml 里面:
<listener>
<listener-class>com.test.TestSessionListner</listener-class>
</listener>
<session-config>
<session-timeout>1</session-timeout>
</session-config>
With my implementation, after session timeout (of 1 min), its calling the sessionDestroyed method and fetching the required Object of TestFacade from the ApplicationContext .在我的实现中,会话超时(1 分钟)后,它调用 sessionDestroyed 方法并从ApplicationContext获取所需的TestFacade对象。
Now my problem is whenever I am calling the following method using userFacade, its not able to execute the code inside the method :现在我的问题是每当我使用 userFacade 调用以下方法时,它都无法执行方法内的代码:
Person person = testFacade.findPersonByUserId(userId);
How can I identify the root cause for this?我怎样才能确定造成这种情况的根本原因?
1 个解决方案
解决方案1
0 已采纳 2011-09-09 10:50:31
Finally got the issue....终于找到问题了......
Inside sessionDestroyed I was calling a method :在sessionDestroyed里面我调用了一个方法:
Person person = testFacade.findPersonIdByUserId(userId);
which needs some higher permissions then anonymousUser to execute the method, and at sessionDestroyed its clearing the existing user and calling sessionDestroyed method with anonymousUser permission.它需要一些更高的权限然后anonymousUser才能执行该方法,并在sessionDestroyed清除现有用户并使用anonymousUser权限调用sessionDestroyed方法。
So finally I have written a code, which is calling a method using Administrator writes.所以最后我写了一个代码,它调用了一个使用管理员写的方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.