Spring MVC @SessionAttributes

Question

這是我的控制器代碼：我在下面的“doLogin”方法中將我的對象放在一個地圖中，我試圖在我的“注銷”函數中訪問它，但是當我試圖獲取我的值時，我得到null值使用“map.get（key）”的會話屬性

@Controller
@SessionAttributes(value={"session1"})
public class CredentialsController {

    @Autowired
     private Authentication authenticationDao;

    @Autowired
     private User userDao;

    @RequestMapping(value="/start",method=RequestMethod.GET)   //Default Method
    public  String  doStart(@ModelAttribute CredentialsBean credentialsBean)  
    {
        return "login";
    }

    @RequestMapping(value="/login",method=RequestMethod.GET)   //Default Method
    public  String  doLogin(@ModelAttribute CredentialsBean credentialsBean,Map<String,Object> map)
    {   
        String result="";
        if(credentialsBean!=null){
            if(authenticationDao.authenticate(credentialsBean)){
                String userType=authenticationDao.authorize(credentialsBean.getUserID());
                if(userType.equalsIgnoreCase("A")){

                    CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
                    map.put("session1",cBean);  ----->Here I am putting the object inside a map .
                    result= "admin";
                    //map.put("username",credentialsBean.getProfileBean().getFirstName());
                }
                else{


                    CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
                    map.put("session1",cBean.getUserID());
                    //System.out.println(cBean.getUserID());
                    result= "customer";

                    //map.put("username",credentialsBean.getProfileBean().getFirstName());
                }
            }
            else{
                result="ERROR";
            }
        }

        return result;
    }

    @RequestMapping(value="/logout",method=RequestMethod.GET)   //Default Method
    public  String  doLogout(Map<String,Object >  map)
    {
        CredentialsBean credentialsBean=(CredentialsBean)map.get("session1");

        //System.out.println(userID);
        System.out.println(credentialsBean.getUserID());
        if(credentialsBean!=null){
            if(userDao.logout(credentialsBean.getUserID())){
                return "logout";
            }
            else{
                return "error1";
            }

        }
        else{
            return "error";
        }
    }
}

Answer 1

這是我的方式：在你的doLogin方法中你應該添加HttpSession session ：

@RequestMapping(value="/login",method=RequestMethod.GET)   //Default Method
public  String  doLogin(@ModelAttribute CredentialsBean credentialsBean, HttpSession session)
{   
    String result="";
    if(credentialsBean!=null){
        if(authenticationDao.authenticate(credentialsBean)){
            String userType=authenticationDao.authorize(credentialsBean.getUserID());
            if(userType.equalsIgnoreCase("A")){

                CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
                // add object to session
                session.setAttribute("session1",cBean);
                result= "admin";
                //map.put("username",credentialsBean.getProfileBean().getFirstName());
            }
            else{
                CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
                session.setAttribute("session1",cBean);
                result= "customer";
            }
        }
        else{
            result="ERROR";
        }
    }

    return result;
}

請注意，你應該為了日后安全取回其添加到同類型的會話對象（因為現在你添加不同的對象cBean和cBean.getUserID()對於同一個密鑰session1 ）

然后在您的注銷中：

    @RequestMapping(value="/logout",method=RequestMethod.GET)   //Default Method
    public  String  doLogout(HttpSession session)
    {
        CredentialsBean credentialsBean=(CredentialsBean)session.getAttribute("session1");
       .....
}

但無論如何，既然你在這里實現login \\ logout，我鼓勵你學習更多有關Spring Security的知識。