这是我的控制器代码: 我已经将我的对象放在下面的“doLogin”方法的地图中,我试图在我的“注销”函数中访问它,但是当我尝试使用“map.get”获取会话属性的值时,我得到空值(关键)“
@Controller
@SessionAttributes(value={"session1"})
public class CredentialsController {
@Autowired
private Authentication authenticationDao;
@Autowired
private User userDao;
@RequestMapping(value="/start",method=RequestMethod.GET) //Default Method
public String doStart(@ModelAttribute CredentialsBean credentialsBean)
{
return "login";
}
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean,Map<String,Object> map)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean); ----->Here I am putting the object inside a map .
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
map.put("session1",cBean.getUserID());
//System.out.println(cBean.getUserID());
result= "customer";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
}
else{
result="ERROR";
}
}
return result;
}
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(Map<String,Object > map)
{
CredentialsBean credentialsBean=(CredentialsBean)map.get("session1");
//System.out.println(userID);
System.out.println(credentialsBean.getUserID());
if(credentialsBean!=null){
if(userDao.logout(credentialsBean.getUserID())){
return "logout";
}
else{
return "error1";
}
}
else{
return "error";
}
}
}
答案 0 :(得分:1)
这是我的方式:
在doLogin方法中,您应添加HttpSession session:
@RequestMapping(value="/login",method=RequestMethod.GET) //Default Method
public String doLogin(@ModelAttribute CredentialsBean credentialsBean, HttpSession session)
{
String result="";
if(credentialsBean!=null){
if(authenticationDao.authenticate(credentialsBean)){
String userType=authenticationDao.authorize(credentialsBean.getUserID());
if(userType.equalsIgnoreCase("A")){
CredentialsBean cBean= authenticationDao.changeLoginStatus(credentialsBean, 1);
// add object to session
session.setAttribute("session1",cBean);
result= "admin";
//map.put("username",credentialsBean.getProfileBean().getFirstName());
}
else{
CredentialsBean cBean=authenticationDao.changeLoginStatus(credentialsBean, 1);
session.setAttribute("session1",cBean);
result= "customer";
}
}
else{
result="ERROR";
}
}
return result;
}
请注意,您应该添加到相同类型的会话对象,以便以后安全地检索它(因为现在您为同一个键cBean添加了不同的对象cBean.getUserID()和session1 )
然后在你的退出中:
@RequestMapping(value="/logout",method=RequestMethod.GET) //Default Method
public String doLogout(HttpSession session)
{
CredentialsBean credentialsBean=(CredentialsBean)session.getAttribute("session1");
.....
}
但无论如何,由于您在此处实施login \ logout,我建议您了解有关Spring Security的更多信息。