org.springframework.web.util.NestedServletException:请求处理失败(HttpSession问题)

时间:2018-10-13 14:14:07

标签: angular spring-mvc spring-boot spring-security spring-web

我正面临注销问题。我知道有更多关于该问题的文章,但它们与我的情况不相似。首先,我只使用 SecurityContextHolder.clearContext() < / strong>,但它使会话保持活动状态,然后继续进行会话无效,并将所有现有的Cookie年龄设置为0。但是我遇到了另一个问题,如下所述。

  

org.springframework.web.util.NestedServletException:请求   处理失败;嵌套的异常是java.lang.NullPointerException     在   org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:982)     在   org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:866)     在javax.servlet.http.HttpServlet.service(HttpServlet.java:635)处   org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851)     在javax.servlet.http.HttpServlet.service(HttpServlet.java:742)   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:320)     在   org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)     在   org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:215)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)     在   org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)     在   org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)     在   org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:357)     在   org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:147)     在   org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)     在   org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在com.bookstore.config.RequestFilter.doFilter(RequestFilter.java:30)     在   org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)     在   org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)     在   org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)     在   org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)     在   org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)     在   org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)     在   org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)     在   org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)     在   org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)     在   org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)     在   org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)     在   org.apache.coyote.AbstractProtocol $ ConnectionHandler.process(AbstractProtocol.java:806)     在   org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1498)     在   org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)     在   java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)     在   java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)     在   org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)     在java.lang.Thread.run(Thread.java:748)造成原因:   java.lang.NullPointerException在   com.bookstore.controller.LoginResource.logout(LoginResource.java:53)     在sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法)处   sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)     在   sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)     在java.lang.reflect.Method.invoke(Method.java:498)在   org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:209)     在   org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)     在   org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)     在   org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:891)     在   org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:797)     在   org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)     在   org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:991)     在   org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925)     在   org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974)

注销后,我会以角度使用此服务:

    logout(){
    let url="http://localhost:8090/user/logout";
    const xToken = localStorage.getItem('xAuthToken');
    let headers=new Headers({
      'x-auth-token':xToken
    });

    return this.http.post(url,'',{headers:headers});
  }

在后端,我想在注销时使用此方法清除所有活动的会话和cookie:

@RequestMapping(value = "/user/logout",method=RequestMethod.POST)
    public ResponseEntity logout(HttpServletRequest request, HttpServletResponse response) {
        HttpSession session= request.getSession(false);
        SecurityContextHolder.clearContext();
             session= request.getSession(false);
            if(session != null) {
                session.invalidate();
            }
            for(Cookie cookie : request.getCookies()) {
                cookie.setMaxAge(0);
            }


        return new ResponseEntity("Logout Successful !", HttpStatus.OK);
    }

当我调试它在包含 HttpSession会话变量的第一行中出现时,我猜测 request.getSession(false)返回null。这个假设可能是错误或正确,我不确定。

非常感谢您的帮助。感谢您的协作。

0 个答案:

没有答案