问题:
在用户登录之后,session采用 Spring MVC 注解的方式把用户登录信息放入到会话当中,结果在安全退出时候销毁session(),总是销毁不了。
问题代码:
@Controller
@RequestMapping("/login.do")
@SessionAttributes("loginuser")//seesion保存方式
public class BzLoginAction extends BaseAction {
private String basepath = "admin/";
@Autowired
@Qualifier("bzYonghuXinxiService")
private BzYonghuXinxiService bzYonghuXinxiService;
@Autowired
@Qualifier("propertiesUitl")
private PropertiesUitl propertiesUitl;
@Autowired
private HttpSession session;
/**用户登录方法**/
@RequestMapping(params = "method=login")
public String login(
@RequestParam(value = "username", required = false) String username,
@RequestParam(value = "password", required = false) String password,
@RequestParam(value = "rand", required = false) String rand,
ModelMap model) {
try {
。。。。。。
} catch (Exception e) {
model.put("login_error", "登录异常!");
return "login";
}
}
/****退出方法,销毁session*****/
@RequestMapping(params = "method=logoutApp")
public String logoutApp() {
try {
if (session != null)
session.removeAttribute("loginuser");
session.invalidate();
} catch (Exception e) {
}
return "app/web_login";
}
}
------------------------------------------------------------------------------------------------------------------------------------------------------
解决方法:
采用 session.setAttribute("loginuser", yonghuxinxi);方式保存会话即可
代码:
@Controller
@RequestMapping("/login.do")
public class BzLoginAction extends BaseAction {
private String basepath = "admin/";
@Autowired
@Qualifier("bzYonghuXinxiService")
private BzYonghuXinxiService bzYonghuXinxiService;
@Autowired
@Qualifier("bzSysAuthorService")
private BzSysAuthorService bzSysAuthorService;
@Autowired
@Qualifier("propertiesUitl")
private PropertiesUitl propertiesUitl;
@Autowired
private HttpSession session;
@RequestMapping(params = "method=login")
public String login(
@RequestParam(value = "username", required = false) String username,
@RequestParam(value = "password", required = false) String password,
@RequestParam(value = "rand", required = false) String rand,
ModelMap model) {
try {
。。。。。。。。。。
session.setAttribute("loginuser", yonghuxinxi);
session.setAttribute("rootMenu", temp);
session.setAttribute("rootOpration", bzSysAuthorService
.getOprationList(yonghuxinxi.getYhxxroleentity()
.getRoleId()));
。。。。。。。。。。。
} else {
model.put("login_error", "验证码错误!");
return "login";
}
} catch (Exception e) {
model.put("login_error", "登录异常!");
return "login";
}
}
@RequestMapping(params = "method=logoutApp")
public String logoutApp() {
try {
if (session != null)
session.removeAttribute("loginuser");
session.invalidate();
} catch (Exception e) {
}
return "app/web_login";
}
}