1

在我的项目中,我需要 SessionBean 来存储与当前会话关联的对象。在创建会话并且用户通过身份验证时,我想为我的 bean 设置对象。

豆定义:

<bean scope="session" class="org.example.SessionBean">
    <aop:scoped-proxy/>
</bean>

身份验证侦听器:

public class SpringAuthenticationListener implements ApplicationListener<ApplicationEvent> {

private LogService logService;

private UserService userService;

@Autowired
private SessionBean sessionBean;

public SpringAuthenticationListener(LogService logService, UserService userService) {
    this.logService = logService;
    this.userService = userService;
}

@Override
public void onApplicationEvent(ApplicationEvent e) {
    LogEvent logEvent = new LogEvent();

    if (e instanceof AuthenticationSuccessEvent) {
        AuthenticationSuccessEvent event = (AuthenticationSuccessEvent) e;
        UserDetails userDetails = (UserDetails) event.getAuthentication().getPrincipal();

        User loggedUser = userService.getUser( userDetails.getUsername() );
        sessionBean.setLoggedUser(loggedUser);
    } 
}

}

但是,问题是我无法获取当前 SessionBean 实例的实例。那是我的错误:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.org.example.SessionBean#0': Scope 'session' is not active for the current thread; consider defining a scoped proxy for this bean if you intend to refer to it from a singleton; nested exception is java.lang.IllegalStateException: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.

我该怎么做?什么事件或监听器会让我用当前用户初始化 SessionBean。

4

1 回答 1

1

Spring Security 使用Filter过滤器进行操作,在 any 之前执行Servlet,因此也在DispatcherServlet. 为了能够使用requestsession限定 bean RequestContext,需要 a。这通常由DispatcherServlet. 当想要在 之外使用作用域 bean 时,DispatcherServlet您需要做一些额外的设置。正如异常所指出的:

使用 RequestContextListener 或 RequestContextFilter 来公开当前请求。

要修复添加RequestContextListenerRequestContextFilter到您的web.xml. 使用后者时,请确保它在 else 之前执行,springSecurityFilterChain否则它不会生效。侦听器总是在任何过滤器之前执行。

于 2015-07-01T12:05:19.110 回答