[英]Spring MVC @SessionAttributes
這是我的控制器代碼:我在下面的“doLogin”方法中將我的對象放在一個地圖中,我試圖在我的“注銷”函數中訪問它,但是當我試圖獲取我的值時,我得到null值使用“map.get(key)”的會話屬性
@Controller
@SessionAttributes(value={"session1"})
public class CredentialsController {
@Autowired
private Authentication authenticationDao;
@Autowired
private User userDao;
@RequestMapping(value="/start",method=RequestMethod.GET) //Default Method
public String doStart(@ModelAttribute CredentialsBean credentialsBean)
{
return "login";
}
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean,Map<String,Object> map)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean); ----->Here I am putting the object inside a map .
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean.getUserID());
//System.out.println(cBean.getUserID());
result= "customer";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
}
else{
result="ERROR";
}
}
return result;
}
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(Map<String,Object > map)
{
CredentialsBean credentialsBean=(CredentialsBean)map.get("session1");
//System.out.println(userID);
System.out.println(credentialsBean.getUserID());
if(credentialsBean!=null){
if(userDao.logout(credentialsBean.getUserID())){
return "logout";
}
else{
return "error1";
}
}
else{
return "error";
}
}
}
這是我的方式:在你的doLogin
方法中你應該添加HttpSession session
:
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean, HttpSession session)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
// add object to session
session.setAttribute("session1",cBean);
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
session.setAttribute("session1",cBean);
result= "customer";
}
}
else{
result="ERROR";
}
}
return result;
}
請注意,你應該為了日后安全取回其添加到同類型的會話對象(因為現在你添加不同的對象cBean
和cBean.getUserID()
對於同一個密鑰session1
)
然后在您的注銷中:
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(HttpSession session)
{
CredentialsBean credentialsBean=(CredentialsBean)session.getAttribute("session1");
.....
}
但無論如何,既然你在這里實現login \\ logout,我鼓勵你學習更多有關Spring Security的知識。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.