0

谢谢阅读。我正在使用带有 HDIV 3 的 Spring MVC 4。该应用程序运行良好,除非在 10-15 分钟不活动后,应用程序将在首次登录时有效的链接上出错。日志中的错误消息是 INVALID_PAGE_ID。你能建议一些配置来验证吗?可能与超时有关吗?会话或状态缓存可能。

谢谢

谢谢回复。在应用程序中有很多地方我们执行 history.back(1) 或点击浏览器的后退按钮。缓存的“第一个”参数(我们称之为 HDIV_STATE)会导致问题吗?我们在使用浏览器后退按钮时看到这些问题,之前的请求运行良好:

1.) 2017-11-16 10:33:58,279:信息:ajp-bio-10082-exec-1:记录器:INVALID_HDIV_PARAMETER_VALUE;/smartadmin/caseHistory.action;rst;3-0-57C9472F08B18562F8AE3F5B1EED6539D;;50.2350。 50.235.239.50;sppsapadmin; 其次是 2.) 2017-11-16 10:34:12,551:信息:ajp-bio-10082-exec-8:记录器:INVALID_PAGE_ID;/smartadmin/homeS911.action;rst;14-1-D901769F56363F973FC0AD848C6E9BE2;;50.235。 239.50;50.235.239.50;sppsapadmin;

有什么补救的建议吗?申请变更?解决方法?

配置 Spring/Jedis/Redis

班级:

public class HdivConfiguration extends HdivWebSecurityConfigurerAdapter {

-- other methods

@Override
public void configure(SecurityConfigBuilder builder) {
    builder
        .sessionExpired()
            .homePage("/")
            .loginPage(SecurityConfig.LOGIN)
        .and()
            .errorPage("/error.action")
            .maxPagesPerSession(30)
            .confidentiality(true)
            .validateUrlsWithoutParams(false)
            .showErrorPageOnEditableValidation(true) // Routes users to /error.action on security violation
            .cookiesConfidentiality(false)
            .cookiesIntegrity(false)
            .randomName(false)
            .stateParameterName("rst")
            .reuseExistingPageInAjaxRequest(true);
}

}

罐子:

account-profile-1.18.2.jar (508.54 KB)
activation-1.1.jar (61.5 KB)
antlr-2.7.7.jar (434.85 KB)
aopalliance-1.0.jar (4.36 KB)
classmate-1.3.0.jar (62.6 KB)
commons-beanutils-1.8.3.jar (226.58 KB)
commons-codec-1.10.jar (277.52 KB)
commons-collections4-4.1.jar (733.63 KB)
commons-digester-2.0.jar (145.29 KB)
commons-fileupload-1.3.2.jar (68.63 KB)
commons-io-2.4.jar (180.8 KB)
commons-lang-2.6.jar (277.55 KB)
commons-lang3-3.4.jar (424.49 KB)
commons-logging-1.2.jar (60.37 KB)
commons-pool2-2.4.2.jar (109.34 KB)
commons-validator-1.4.0.jar (172.75 KB)
concurrent-4.2.1.GA.jar (247.93 KB)
corporateprofile-core-1.23.3.jar (643.88 KB)
dom4j-1.6.1.jar (306.54 KB)
freemarker-2.3.23.jar (1.28 MB)
gcm-server-1.0.jar (19.25 KB)
geronimo-jta_1.1_spec-1.1.1.jar (15.65 KB)
gson-2.6.1.jar (225.47 KB)
guava-19.0.jar (2.2 MB)
hdiv-config-3.2.0.jar (61.54 KB)
hdiv-core-3.2.0.jar (139.16 KB)
hdiv-jstl-taglibs-1.2-3.2.0.jar (20.3 KB)
hdiv-spring-mvc-3.2.0.jar (19.61 KB)
hibernate-commons-annotations-5.0.1.Final.jar (73.52 KB)
hibernate-core-5.1.0.Final.jar (5.41 MB)
hibernate-jpa-2.1-api-1.0.0.Final.jar (110.71 KB)
hibernate-validator-5.2.4.Final.jar (687.95 KB)
httpclient-4.5.2.jar (719.39 KB)
httpcore-4.4.4.jar (319.06 KB)
httpi-client-3.5.1.jar (13.28 KB)
imgscalr-lib-4.2.jar (27.23 KB)
jackson-annotations-2.7.0.jar (49.7 KB)
jackson-core-2.7.1.jar (246.38 KB)
jackson-databind-2.7.1-1.jar (1.14 MB)
jackson-datatype-hibernate5-2.7.2-r1.jar (20.36 KB)
jai-codec-1.1.3.jar (252.1 KB)
jai-core-1.1.3.jar (1.81 MB)
jandex-2.0.0.Final.jar (183.35 KB)
jasypt-1.9.0.jar (122.69 KB)
javapns-jdk16-2.4.0.jar (149.45 KB)
javassist-3.20.0-GA.jar (732.98 KB)
javax.el-api-2.2.4.jar (37.95 KB)
jboss-client-4.2.1.GA.jar (189.1 KB)
jboss-common-client-1.2.0.GA.MOD.jar (368.92 KB)
jboss-j2ee-4.2.1.GA.jar (413.77 KB)
jboss-logging-3.3.0.Final.jar (65.23 KB)
jboss-remoting-2.2.1.GA.jar (862.2 KB)
jbossha-client-4.2.1.GA.jar (51.93 KB)
jbossmq-client-4.2.1.GA.jar (325.06 KB)
jcl-over-slf4j-1.7.24.jar (16.12 KB)
jedis-2.9.0.jar (540.78 KB)
jnp-client-4.2.1.GA.jar (31.67 KB)
joda-time-2.9.6.jar (617.46 KB)
json-simple-1.1.1-rave.jar (23.37 KB)
jstl-1.2.jar (404.53 KB)
jts-1.13.jar (776.35 KB)
log4j-1.2.17.jar (478.4 KB)
mail-1.4.jar (379.75 KB)
mediautil-1.0.jar (116.99 KB)
mysql-connector-java-5.1.44.jar (976.2 KB)
opencsv-1.8.jar (8.51 KB)
organizations-1.14.1.jar (78.94 KB)
passhash-1.0.4.jar (17.83 KB)
psap-1.15.2.jar (75.44 KB)
quartz-2.2.0.jar (638.43 KB)
rave-case-1.20.1.jar (353.64 KB)
rave-common-dao-1.4.1.jar (11.91 KB)
rave-common-geo-1.4.2.jar (38.66 KB)
rave-common-jobs-1.4.1.jar (48.43 KB)
rave-common-logging-1.4.1.jar (6.99 KB)
rave-common-monitor-1.3.3.jar (6.01 KB)
rave-common-msg-1.5.1.jar (127.75 KB)
rave-common-safelist-1.1.3.jar (12.72 KB)
rave-common-util-1.4.2.jar (93.18 KB)
rave-db-corporateprofile-1.22.1.jar (28.73 KB)
rave-messaging-brokerapi-1.30.0.jar (16.16 KB)
rave-messaging-carrierlookup-1.26.0.jar (11.57 KB)
rave-messaging-common-1.26.0.jar (51.94 KB)
sanselan-0.97-incubator.jar (494.08 KB)
sardine-5.7.jar (127.36 KB)
slf4j-api-1.7.24.jar (40.23 KB)
slf4j-log4j12-1.7.16.jar (9.7 KB)
spring-aop-4.3.7.RELEASE.jar (371.09 KB)
spring-beans-4.3.7.RELEASE.jar (744.87 KB)
spring-context-4.3.7.RELEASE.jar (1.08 MB)
spring-context-support-4.3.7.RELEASE.jar (182.7 KB)
spring-core-4.3.7.RELEASE.jar (1.06 MB)
spring-data-commons-1.13.1.RELEASE.jar (746.67 KB)
spring-data-keyvalue-1.2.1.RELEASE.jar (102.31 KB)
spring-data-redis-1.8.1.RELEASE.jar (1.16 MB)
spring-expression-4.3.7.RELEASE.jar (257.11 KB)
spring-jdbc-4.3.2.RELEASE.jar (416.34 KB)
spring-orm-4.3.2.RELEASE.jar (464.99 KB)
spring-oxm-4.3.7.RELEASE.jar (83.32 KB)
spring-security-acl-4.1.3.RELEASE.jar (82.99 KB)
spring-security-config-4.1.3.RELEASE.jar (532.7 KB)
spring-security-core-4.1.3.RELEASE.jar (367.36 KB)
spring-security-taglibs-4.1.3.RELEASE.jar (19.19 KB)
spring-security-web-4.1.3.RELEASE.jar (351.41 KB)
spring-session-1.3.0.RELEASE.jar (191.41 KB)
spring-session-data-redis-1.3.0.RELEASE.jar (261 B)
spring-tx-4.3.7.RELEASE.jar (260.85 KB)
spring-web-4.3.2.RELEASE.jar (792.65 KB)
spring-webmvc-4.3.2.RELEASE.jar (892.56 KB)
swiftreach1-1.1.jar (196.57 KB)
tika-core-1.14.jar (604.67 KB)
user-1.13.1.jar (45.85 KB)
utility-1.15.1.jar (74.71 KB)
validation-api-1.1.0.Final.jar (62.28 KB)
xercesImpl-2.8.1.jar (1.15 MB)
xml-apis-1.3.03.jar (190.54 KB)
4

1 回答 1

0

Hdiv 将数据存储在用户会话中,因此在会话因超时或用户操作而关闭后,Hdiv 无法验证请求并创建 INVALID_PAGE_ID 日志。

此行为是可配置的,为这些情况定义一个特定的登录页面: https ://hdivsecurity.com/docs/installation/library-setup/#session-expiration

于 2017-11-09T12:43:51.787 回答