[英]Spring MVC @SessionAttributes
这是我的控制器代码:我在下面的“doLogin”方法中将我的对象放在一个地图中,我试图在我的“注销”函数中访问它,但是当我试图获取我的值时,我得到null值使用“map.get(key)”的会话属性
@Controller
@SessionAttributes(value={"session1"})
public class CredentialsController {
@Autowired
private Authentication authenticationDao;
@Autowired
private User userDao;
@RequestMapping(value="/start",method=RequestMethod.GET) //Default Method
public String doStart(@ModelAttribute CredentialsBean credentialsBean)
{
return "login";
}
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean,Map<String,Object> map)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean); ----->Here I am putting the object inside a map .
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean.getUserID());
//System.out.println(cBean.getUserID());
result= "customer";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
}
else{
result="ERROR";
}
}
return result;
}
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(Map<String,Object > map)
{
CredentialsBean credentialsBean=(CredentialsBean)map.get("session1");
//System.out.println(userID);
System.out.println(credentialsBean.getUserID());
if(credentialsBean!=null){
if(userDao.logout(credentialsBean.getUserID())){
return "logout";
}
else{
return "error1";
}
}
else{
return "error";
}
}
}
这是我的方式:在你的doLogin
方法中你应该添加HttpSession session
:
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean, HttpSession session)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
// add object to session
session.setAttribute("session1",cBean);
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
session.setAttribute("session1",cBean);
result= "customer";
}
}
else{
result="ERROR";
}
}
return result;
}
请注意,你应该为了日后安全取回其添加到同类型的会话对象(因为现在你添加不同的对象cBean
和cBean.getUserID()
对于同一个密钥session1
)
然后在您的注销中:
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(HttpSession session)
{
CredentialsBean credentialsBean=(CredentialsBean)session.getAttribute("session1");
.....
}
但无论如何,既然你在这里实现login \\ logout,我鼓励你学习更多有关Spring Security的知识。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.