我正在使用Spring Security 3.1构建一个用于安全性的JSF2 Web应用程序。 每次重启tomcat时,我都会收到Spring Security的ProviderManager抛出的NotSerializableException,但webapp工作正常。我担心这会在部署到生产时导致一些问题。 有谁知道如何使ProviderManager Serializable 这是一个例外:
SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
java.io.WriteAbortedException: writing aborted; java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1355)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1993)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1918)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1801)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:371)
at org.apache.catalina.session.StandardSession.readObject(StandardSession.java:1619)
at org.apache.catalina.session.StandardSession.readObjectData(StandardSession.java:1084)
at org.apache.catalina.session.StandardManager.doLoad(StandardManager.java:282)
at org.apache.catalina.session.StandardManager.load(StandardManager.java:202)
at org.apache.catalina.session.StandardManager.startInternal(StandardManager.java:489)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5537)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:4033)
at org.apache.catalina.loader.WebappLoader.backgroundProcess(WebappLoader.java:425)
at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1345)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1546)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1556)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1556)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1524)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.NotSerializableException: org.springframework.security.authentication.ProviderManager
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1184)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1548)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1509)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1432)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1178)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:348)
at org.apache.catalina.session.StandardSession.writeObject(StandardSession.java:1695)
at org.apache.catalina.session.StandardSession.writeObjectData(StandardSession.java:1101)
at org.apache.catalina.session.StandardManager.doUnload(StandardManager.java:430)
at org.apache.catalina.session.StandardManager.unload(StandardManager.java:351)
at org.apache.catalina.session.StandardManager.stopInternal(StandardManager.java:516)
at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232)
at org.apache.catalina.core.StandardContext.stopInternal(StandardContext.java:5719)
at org.apache.catalina.util.LifecycleBase.stop(LifecycleBase.java:232)
at org.apache.catalina.core.StandardContext.reload(StandardContext.java:4026)
... 7 more
答案 0 :(得分:1)
在您的LoginBean中,只需将@SessionScoped替换为@RequestScoped,因为在登录会话变量时无需保存输入的用户信息,您可以使用Spring Security功能访问它们这个
org.springframework.security.core.userdetails.User user = (org.springframework.security.core.userdetails.User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
String name = user.getUsername();