Question

我有一个使用Hibernate 5.2作为orm的jax-rs / jersey rest应用程序。还有一个弹簧过滤器，使用令牌处理身份验证。一切都很好，但有一个小问题。每个dao对象都在构建它自己的会话工厂。

public abstract class BaseDAO<T> {

protected SessionFactory sessionFactory = getSessionFactory();
protected final Validator validator = getValidator();

protected SessionFactory getSessionFactory() {
    try {
        return (SessionFactory) new Configuration().configure().buildSessionFactory();
    } catch (Exception e) {
        throw new IllegalStateException("Could not locate SessionFactory in JNDI");
    }
}

protected Validator getValidator() {
    ValidatorFactory factory = Validation.buildDefaultValidatorFactory();
    return factory.getValidator();
}

@SuppressWarnings({"hiding", "unchecked"})  
public <T> T save(final T o) {
    Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();
    T savedObj = (T) session.save(o);
    tx.commit();    
    session.close();        
    return savedObj;
}

public void delete(final Object object) {
    Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();
    session.delete(object);
    tx.commit();        
    session.close();        
}

@SuppressWarnings("hiding")     
public <T> T get(final Class<T> type, final int id) {
    Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();    
    T obj = session.get(type, id);
    tx.commit();    
    session.close();
    return obj;
}

@SuppressWarnings({"hiding", "unchecked"})
public <T> T merge(final T o) {
    Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();
    T obj = (T) session.merge(o);
    tx.commit();    
    session.close();        
    return obj;
}

@SuppressWarnings("hiding") 
public <T> void saveOrUpdate(final T o) {
    Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();
    session.saveOrUpdate(o);
    tx.commit();    
    session.close();        
}

@SuppressWarnings({ "hiding", "deprecation", "unchecked" }) 
public <T> List<T> getAll(final Class<T> type) {
    final Session session = sessionFactory.getCurrentSession();
    Transaction tx = session.beginTransaction();
    final Criteria crit = session.createCriteria(type);
    List<T> results = crit.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY).list();
    tx.commit();    
    session.close();        
    return results;
}

@SuppressWarnings({ "hiding", "deprecation", "unchecked" })
public <T> List<T> findByExample(final Class<T> type, T instance) {
    try {
        Session session = sessionFactory.getCurrentSession();
        Transaction tx = session.beginTransaction();
        List<T> results = session
                .createCriteria(type)
                .add(Example.create(instance))
                .setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY)
                .list();
        tx.commit();
        session.close();            
        return results;
    } catch (RuntimeException re) {
        //log.error("find by example failed", re);
        throw re;
    }
}

这是一个问题，因为如果你创建多个dao对象，你很快就会耗尽连接，即使我在每个dao调用之后调用session.close（）。在对资源进行过多调用之后，我的小数据库实例抱怨连接太多。我的直接想法是会议工厂需要由泽西管理。所以我尝试了这样的工厂装订：

public class HibernateSessionFactory implements Factory<SessionFactory> {

    protected SessionFactory sessionFactory;

    @Override
    public void dispose(SessionFactory arg0) {
        sessionFactory.close();
    }

    @Override
    public SessionFactory provide() {
        try {
            sessionFactory = (SessionFactory) new Configuration().configure().buildSessionFactory();
            return sessionFactory;
        } catch (Exception e) {
            throw new IllegalStateException("Could not locate SessionFactory     in JNDI");
        }       
    }
}

在资源配置中：

    register(new AbstractBinder() {
        @Override
        protected void configure() {
            bindFactory(HibernateSessionFactory.class).to(SessionFactory.class);
        }
    });

将BaseDAO更改为此

@Inject
protected SessionFactory sessionFactory

它似乎不起作用 - 会话工厂始终为空。另一个问题是弹簧过滤器不能使用球衣注射。过滤器配置如下。

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Order(2)
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    private final com.renewedvoices.security.UserService userService;
    private final TokenAuthenticationService tokenAuthenticationService;
    private final SessionFactory sessionFactory;

    public SpringSecurityConfig() {
        super(true);
        this.userService = new UserService();
        this.tokenAuthenticationService = new     TokenAuthenticationService("tooManySecrets", userService);
        this.sessionFactory = createSessionFactory();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
            // Custom Token based authentication based on the header previously given to the client     
            http
                .addFilterBefore(new StatelessAuthenticationFilter(tokenAuthenticationService),
                    UsernamePasswordAuthenticationFilter.class)         
                .authorizeRequests()
                .antMatchers("/rest/auth/**").permitAll()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .anyRequest().authenticated()
                .and()
                .exceptionHandling().and()
                .anonymous().and()
                .servletApi().and()
                .headers().cacheControl();

    }

    private SessionFactory createSessionFactory() {
        try {
            return (SessionFactory) new org.hibernate.cfg.Configuration().configure().buildSessionFactory();
        } catch (Exception e) {
            throw new IllegalStateException("Could not locate SessionFactory in JNDI");
        }               
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService()).passwordEncoder(new     BCryptPasswordEncoder());
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Bean
    @Override
    public UserService userDetailsService() {
        return userService;
    }

    @Bean
    public TokenAuthenticationService tokenAuthenticationService() {
       return tokenAuthenticationService;
    }

    @Bean
    public SerssionFactory sessionFactory() {
       return sessionFactory;
    }
}

无论我在BaseDao中使用@Autowired还是@Inject，sessionFactory始终为null。我无法切换到纯粹的春天。有没有办法让这个sessionFactory工作？这是在休息服务中处理会话工厂的最佳方法，还是有更好的方法不在每个请求上打开新会话？我发现的几乎所有答案都是纯粹的解决方案。任何帮助是极大的赞赏。

Answer 1

继续我的上述评论

您需要将DAO设置为Spring bean，以便将其注入Spring组件中。然后对于Jersey你需要整合Jersey以使用Spring组件，这样你就可以注入Jersey。看看this post。

所以你需要做的是让DAO成为一个Spring Bean。你可以这样做

@Configuration
public class DataConfiguration {
    @Bean
    public MyDao myDao() {
        return new MyDao();
    }
}

然后在AbstractSecurityWebApplicationInitializer中，您需要添加配置类，并覆盖contextConfigLocation属性，以便Jersey不会尝试创建ContextLoaderListener。这已由Spring Security

创建

@Order(1)
public class DemoSecurityWebApplicationInitializer
        extends AbstractSecurityWebApplicationInitializer {

    public DemoSecurityWebApplicationInitializer() {
        super(DataConfiguration.class, SecurityConfig.class);
    }

    @Override
    public void afterSpringSecurityFilterChain(ServletContext servletContext) {
        // Set the Jersey used property to it won't load a ContextLoaderListener
        servletContext.setInitParameter("contextConfigLocation", "NOOP");
    }
}

您需要做的最后一件事是添加jersey-spring3依赖项。这是Jersey依赖项，它允许它与Spring组件集成（只有Spring到Jersey，而不是Jersey到Spring）。

<dependency>
    <groupId>org.glassfish.jersey.ext</groupId>
    <artifactId>jersey-spring3</artifactId>
    <exclusions>
       <!-- exclude Spring 3 if you want to use Spring 4 -->
    </exclusions>
<dependency>

请参阅this GitHub project 中的完整示例。

Jersey + Hibernate将SessionFactory注入DAO

1 个答案: