[英]Problem while implementing HttpSessionLister with Spring-Security
I am using Spring/Hibernate and Spring-Security for my web-based application.我正在为我的基于 Web 的应用程序使用 Spring/Hibernate 和 Spring-Security。 Now I have a requirement where I need to perform some database query at sessionDestroy method of HtppSessionLister.
现在我有一个要求,我需要在 HtppSessionLister 的 sessionDestroy 方法中执行一些数据库查询。
Inside web.xml :在 web.xml 里面:
<listener>
<listener-class>com.test.TestSessionListner</listener-class>
</listener>
<session-config>
<session-timeout>1</session-timeout>
</session-config>
With my implementation, after session timeout (of 1 min), its calling the sessionDestroyed method and fetching the required Object of TestFacade from the ApplicationContext .在我的实现中,会话超时(1 分钟)后,它调用 sessionDestroyed 方法并从ApplicationContext获取所需的TestFacade对象。
Now my problem is whenever I am calling the following method using userFacade, its not able to execute the code inside the method :现在我的问题是每当我使用 userFacade 调用以下方法时,它都无法执行方法内的代码:
Person person = testFacade.findPersonByUserId(userId);
How can I identify the root cause for this?我怎样才能确定造成这种情况的根本原因?
Finally got the issue....终于找到问题了......
Inside sessionDestroyed
I was calling a method :在
sessionDestroyed
里面我调用了一个方法:
Person person = testFacade.findPersonIdByUserId(userId);
which needs some higher permissions then anonymousUser
to execute the method, and at sessionDestroyed
its clearing the existing user and calling sessionDestroyed
method with anonymousUser
permission.它需要一些更高的权限然后
anonymousUser
才能执行该方法,并在sessionDestroyed
清除现有用户并使用anonymousUser
权限调用sessionDestroyed
方法。
So finally I have written a code, which is calling a method using Administrator writes.所以最后我写了一个代码,它调用了一个使用管理员写的方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.