0

嗨,我已经编写了一个身份验证事件侦听器模块来在最大登录尝试后锁定用户。

<beans:bean id="ftfStatsAuthenticationEvent" class="com.ibm.ftfstats.auth.FTFStatsAuthenticationEvent">
<beans:property name="userMgr" ref="userManager"></beans:property>
</beans:bean>

这就是用于捕获 AuthenticationFailure 事件的模块的定义方式

public void onApplicationEvent(ApplicationEvent event) {
    // TODO Auto-generated method stub
    if(event instanceof AuthenticationFailureBadCredentialsEvent){
        onAuthenticationFailureBadCredentialsEvent((AuthenticationFailureBadCredentialsEvent)event);
    }else if(event instanceof AuthenticationSuccessEvent){
        onAuthenticationSuccessEvent((AuthenticationSuccessEvent)event);
    }
}

    public void onAuthenticationFailureBadCredentialsEvent(AuthenticationFailureBadCredentialsEvent event){
    Authentication authentication = event.getAuthentication();
    String userId = authentication.getName();
    System.out.println("bad credential for user : " + userId);
    getUserMgr().encounterFailedlogin(userId);
    User user = getUserMgr().getUserById(userId);
}

getUserMgr()返回一个用户管理器类,其中方法encounterFailedlogin(userId)定义为

public User encounterFailedlogin(String userId) {
    // TODO Auto-generated method stub
    User user = getUserDAO().getUserById(userId);
    return encounterFailedlogin(user);

}

@Transactional
public User encounterFailedlogin(User user) {
    // TODO Auto-generated method stub
    int failedAttempts = user.getFailedAttempts() + 1;
    user.setFailedAttempts(failedAttempts);
    System.out.println("updating user");
    updateUser(user);
    return getUserDAO().getUserById(user.getUserID());
    //return true;
}
 @Transactional
public boolean updateUser(User user){
    getUserDAO().updateUser(user);
    return true;
}

用户 DAO 定义为:

public void addUser(User user){
    getSessionFactory().getCurrentSession().save(user);
}

我的应用程序上下文文件定义为

<!-- UserDB Session Factory Declaration -->
<bean id="UserSessionFactory" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
    <property name="dataSource" ref="UserDataSource" />
    <property name="annotatedClasses">
        <list>
            <value>com.ibm.ftfstats.data.user.model.User</value>                
            <value>com.ibm.ftfstats.data.user.model.Environment</value>
            <value>com.ibm.ftfstats.data.user.model.Role</value>
            <value>com.ibm.ftfstats.data.user.model.Question</value>
            <value>com.ibm.ftfstats.data.user.model.SearchCriteria</value>
            <value>com.ibm.ftfstats.data.user.model.UserRequest</value>
            <value>com.ibm.ftfstats.data.user.model.RequestType</value>
            <value>com.ibm.ftfstats.data.user.model.RequestComment</value>
        </list>
    </property>
    <property name="hibernateProperties">
        <props>
            <prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
            <prop key="hibernate.show_sql">true</prop>   

        </props>
    </property>
</bean>

<bean id = "transactionManager" class = "org.springframework.orm.hibernate4.HibernateTransactionManager">
    <property name = "sessionFactory" ref = "UserSessionFactory" />
</bean>

<tx:annotation-driven/>

<!-- DAOs List goes here -->
<bean id="UserDAO" class="com.ibm.ftfstats.data.dao.UserDAO">
    <property name="sessionFactory" ref="UserSessionFactory"></property>
    <property name="msg" ref="msgBundle"></property>
</bean>
<bean id="userManager" class="com.ibm.ftfstats.service.impl.UserManagerImp">
    <property name="userDAO" ref="UserDAO" />       
</bean>

这是我在登录表单中输入错误凭据时遇到的错误

SEVERE: Servlet.service() for servlet default threw exception
org.hibernate.HibernateException: No Session found for current thread
at org.springframework.orm.hibernate4.SpringSessionContext.currentSession(SpringSessionContext.java:97)
at org.hibernate.internal.SessionFactoryImpl.getCurrentSession(SessionFactoryImpl.java:978)
at com.ibm.ftfstats.data.dao.UserDAO.updateUser(UserDAO.java:35)
at com.ibm.ftfstats.data.dao.UserDAO$$FastClassByCGLIB$$37731f27.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:627)
at com.ibm.ftfstats.data.dao.UserDAO$$EnhancerByCGLIB$$388b21db.updateUser(<generated>)
at com.ibm.ftfstats.service.impl.UserManagerImp.updateUser(UserManagerImp.java:97)
at com.ibm.ftfstats.service.impl.UserManagerImp.encounterFailedlogin(UserManagerImp.java:84)
at com.ibm.ftfstats.service.impl.UserManagerImp.encounterFailedlogin(UserManagerImp.java:74)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:198)
at $Proxy17.encounterFailedlogin(Unknown Source)
at  com.ibm.ftfstats.auth.FTFStatsAuthenticationEvent.onAuthenticationFailureBadCredentialsEvent(FTFStatsAuthenticationEvent.java:42)
at com.ibm.ftfstats.auth.FTFStatsAuthenticationEvent.onApplicationEvent(FTFStatsAuthenticationEvent.java:29)

谁能建议我哪里出错了。

4

3 回答 3

1

通常,当一个方法在一个类中调用但仅从另一个类调用时,spring 代理不起作用。您可以使用 aspectj 来解决该问题或重新设计您的课程。

了解 aop 代理

于 2013-03-16T09:13:19.870 回答
0

public User encounterFailedlogin(String userId)需要用 注释@Transactional。据我所知,这是从类外部调用的方法。

return encounterFailedlogin(user);是内部调用,因此没有代理。所以在这种情况下public User encounterFailedlogin(User user),不知道是事务性的。

于 2013-03-16T19:01:51.253 回答
0

您确定在应用程序上下文中定义了 UserDataSource 吗?我没有看到一个。

于 2013-03-16T13:55:40.257 回答