![](/img/trans.png)
[英]Spring source suite spring3 + Hibernate4 + maven 3 + MySQL 5
[英]Gae + Struts2 + Spring3 + Hibernate4 + MySQL in localhost doesn't create http session and datastore is always empty
我對數據存儲和休眠有問題,我已經能夠在本地主機中集成Gae + Struts2 + Spring3 + Hibernate4 + MySQL,並且一切正常,但是當我嘗試在HTTP中創建會話時,未創建會話或會話.getLastAccessedTime()始終為1970-01-01(默認值)。 當我轉到http:localhost:8080 / _ah / admin中的數據存儲鏈接時,沒有創建會話。
我將ESAPI用於安全性和此方法:
public boolean isSessionTimeout() {
HttpSession session = ESAPI.httpUtilities().getCurrentRequest().getSession(false);
if (session == null)
return true;
Date deadline = new Date(session.getLastAccessedTime() + IDLE_TIMEOUT_LENGTH);
Date now = new Date();
return now.after(deadline);
}
返回始終為true。
我已經在appengine-web.xml中啟用了會話,但是只要這種配置在tomcat中起作用,我就不理解該問題,但是在appengine 1.9.2版中存在某種問題。
我像這樣在Maven中構建項目:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<version>2.5.1</version>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
<source>1.7</source>
<target>1.7</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.3</version>
<configuration>
<archiveClasses>true</archiveClasses>
<webResources>
<!-- in order to interpolate version from pom into appengine-web.xml -->
<resource>
<directory>${basedir}/src/main/webapp/WEB-INF</directory>
<filtering>true</filtering>
<targetPath>WEB-INF</targetPath>
</resource>
</webResources>
</configuration>
</plugin>
<plugin>
<groupId>com.google.appengine</groupId>
<artifactId>appengine-maven-plugin</artifactId>
<version>${appengine.app.version}</version>
<configuration>
<jvmFlags>
<jvmFlag>-Dappengine.generated.dir=${project.basedir}/appengine</jvmFlag>
<jvmFlag>-Ddatastore.backing_store=${project.basedir}/local_db.bin</jvmFlag>
</jvmFlags>
</configuration>
</plugin>
</plugins>
</build>
作為我的web.xml中的第一個過濾器,ESAPIFilter包含:
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) resp;
try {
ESAPI.httpUtilities().setCurrentHTTP(request, response);
} catch (Exception e) {
logger.error(Logger.SECURITY_FAILURE, "Error in ESAPI security filter: " + e.getMessage(), e);
}
try {
// figure out who the current user is
try {
ESAPI.authenticator().login();
} catch (AuthenticationException e) {
request.setAttribute("message", "Unauthorized");
}
// log this request, obfuscating any parameter named password
ESAPI.httpUtilities().logHTTPRequest(request, logger, Arrays.asList(obfuscate));
// check access to this URL
if (!ESAPI.accessController().isAuthorizedForURL(request.getRequestURI())) {
request.setAttribute("message", "Unauthorized");
}
// check for CSRF attacks
//ESAPI.httpUtilities().verifyCSRFToken(request);
// forward this request on to the web application
chain.doFilter(request, response);
// set up response with content type
ESAPI.httpUtilities().setContentType(response);
// set no-cache headers on every response
// only do this if the entire site should not be cached
// otherwise you should do this strategically in your controller or actions
ESAPI.httpUtilities().setNoCacheHeaders(response);
} catch (Exception e) {
logger.error(Logger.SECURITY_FAILURE, "Error in ESAPI security filter: " + e.getMessage(), e);
request.setAttribute("message", e.getMessage());
} finally {
// VERY IMPORTANT
// clear out the ThreadLocal variables in the authenticator
// some containers could possibly reuse this thread without clearing the User
try {
ESAPI.clearCurrent();
} catch (Exception e) {
logger.error(Logger.SECURITY_FAILURE, "Error in ESAPI security filter: " + e.getMessage(), e);
}
}
}
最后,我以某種方式找到了使用默認session.getLastAccessedTime()= 0創建會話的問題,並使用當前時間設置了該值,如下所示:
public boolean isSessionTimeout() {
HttpSession session = ESAPI.httpUtilities().getCurrentRequest().getSession(false);
if (session == null)
return true;
long lastAccessedTime=System.currentTimeMillis();
if(session.getLastAccessedTime()!=0){
lastAccessedTime=session.getLastAccessedTime();
}
Date deadline = new Date(lastAccessedTime + IDLE_TIMEOUT_LENGTH);
Date now = new Date();
return now.after(deadline);
}
終於一切都正常了,我可以在本地創建一個會話,但我還沒有在生產中嘗試過。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.