-
问题:ssm+ajax项目中,添加拦截器后进行登录验证后不能登录,始终在登录页面。没添加前能够登录成功。
-
经过进一步研究发现,其他Controller获取存入session的user=null
-
发现问题:存入的session与获取的session不同,导致获取不到存入到session的user
//IDEA后台输出: setSessionUser=com.museng.crm.settings.domain.User@166f71ae setSession=org.apache.catalina.session.StandardSessionFacade@1e33b8e4 getSession=org.apache.catalina.session.StandardSessionFacade@3340bbd8 getSessionUser=null
-
存session的Controller:
@Controller public class UserController { @Autowired private UserService userService; @RequestMapping("/settings/qx/user/login.do") public @ResponseBody Object login(String loginAct, String loginPwd, String isRemPwd, HttpServletRequest request, HttpServletResponse response, HttpSession session){ //封装参数: HashMap<String,Object> map = new HashMap<>(); map.put("loginAct",loginAct); map.put("loginPwd",loginPwd); //调用Service层查询用户: User user = userService.queryUserByLoinActAndPwd(map); //根据查询结果,生成响应: ReturnObject returnObject = new ReturnObject(); if (user==null){ //登录失败,用户名或密码错误 returnObject.setCode(Constants.RETURN_OBJECT_CODE_FAIL); returnObject.setMessage("用户名或密码错误"); }else { String nowStr = DateUtils.formatDateTime(new Date()); if (nowStr.compareTo(user.getExpireTime())>0){ //登录失败:账号已经过期 returnObject.setCode(Constants.RETURN_OBJECT_CODE_FAIL); returnObject.setMessage("账号已经过期"); }else if("0".equals(user.getLockState())){ //登录失败:状态被锁定 returnObject.setCode(Constants.RETURN_OBJECT_CODE_FAIL); returnObject.setMessage("状态被锁定"); }else if (!user.getAllowIps().contains(request.getRemoteAddr())){ //登录失败:ip受限 returnObject.setCode(Constants.RETURN_OBJECT_CODE_FAIL); returnObject.setMessage("ip受限"); }else { //登录成功: returnObject.setCode(Constants.RETURN_OBJECT_CODE_SUCCESS); returnObject.setMessage("登录成功"); //把user对象保存到session中: session.setAttribute(Constants.SESSION_USER,user); User sessionUser =(User) session.getAttribute(Constants.SESSION_USER); System.out.println("setSessionUser="+sessionUser); System.out.println("setSession="+session); //如果需要记住密码,则往外写cookie if ("true".equals(isRemPwd)){ Cookie c1 = new Cookie("loginAct",user.getLoginAct()); c1.setMaxAge(10*24*60*60);//有效时间转换为10天 response.addCookie(c1); Cookie c2 = new Cookie("loginPwd",user.getLoginPwd()); c2.setMaxAge(10*24*60*60);//有效时间转换为10天 response.addCookie(c2); }else { //把没有过期的cookie删除:将原来的cookie覆盖,生命周期设置为零。 Cookie c1 = new Cookie("loginAct", "1"); c1.setMaxAge(0); response.addCookie(c1); Cookie c2 = new Cookie("loginPwd", "1"); c2.setMaxAge(0); response.addCookie(c2); } } } return returnObject; } }
-
拦截器中获取session:(发现获取不到,检查拦截器配置都没有问题)
package com.museng.crm.settings.web.interceptor; import com.museng.crm.commons.constants.Constants; import com.museng.crm.settings.domain.User; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception { //登录验证: //获取session: //User user =(User) httpServletRequest.getSession().getAttribute(Constants.SESSION_USER); HttpSession session = httpServletRequest.getSession(); System.out.println("getSession="+session); User user =(User) session.getAttribute(Constants.SESSION_USER); System.out.println("getSessionUser="+user); if (user==null){ //如果user为空:重定向到登录页面, //重定向需要添加项目名:"/crm" <== httpServletRequest.getContextPath() httpServletResponse.sendRedirect(httpServletRequest.getContextPath()); return false; } return true; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { } }
-
错误原因:在jsp中,basePath多写了一个"/"
//错误的:String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+"/"+request.getContextPath()+"/"; //正确的:String basePath = request.getScheme()+"://"+request.getServerName() +":"+request.getServerPort()+request.getContextPath()+"/";
-
改正后:恢复正常
//IDEA后台输出: setSessionUser=com.museng.crm.settings.domain.User@6cf83814 setSession=org.apache.catalina.session.StandardSessionFacade@2a74e451 getSession=org.apache.catalina.session.StandardSessionFacade@2a74e451 getSessionUser=com.museng.crm.settings.domain.User@6cf83814 getSession=org.apache.catalina.session.StandardSessionFacade@2a74e451 getSessionUser=com.museng.crm.settings.domain.User@6cf83814
-
欢迎行家分析出现此bug的原因,谢谢!
-
05-17