我有这个控制器
FAILED: postAPITest
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
访问@Controller
@RequestMapping(value = "/login")
public class Login{
@RequestMapping
public ModelAndView mainPage(HttpServletRequest request){
request.getSession().setAttribute("testSession", "Session test");
return new ModelAndView("/login");
}
@RequestMapping(value = "/check")
public View check(HttpServletRequest request){
System.out.println(request.getSession(false)); //null
return new RedirectView("/login");
}
}
时,我创建一个会话并向其中添加属性/login
:"testSession"
在request.getSession().setAttribute("testSession", "Session test");
页上有此/login
。
在<form action="/login/check" method="post">
上,我尝试在/login/check
上创建会话,但是它为空。
为什么会话在请求之间不持久?
P.S .:我的应用程序在Tomcat和Apache作为反向代理的远程服务器上运行,我通过/login
更新
我创建了一个控制器来测试会话:
https://mydom.com
每次向@Controller
@RequestMapping(value = "/sess")
public class TestSession{
@RequestMapping(method = RequestMethod.GET)
public void mainPage(HttpServletRequest request, HttpServletResponse response) throws IOException{
//get or create session
HttpSession session = request.getSession();
response.setContentType("text/html");
response.getWriter().println(session.getId());
}
}
发送请求时,都会打印另一个ID。
答案 0 :(得分:5)
真正的问题出在JSessionID路径上。
JSessionID的路径为/myapp
。那是Tomcat的结果,因为我的应用程序通常在mydom.com:8080/myapp
但是使用Apache作为反向代理,我直接从mydom.com/
运行我的应用,这使JSessionID
无效,因为我不在mydom.com/myapp
上。
所以我在Apache的虚拟主机中添加了一行(设置了反向代理)来更改cookie的路径:
ProxyPassReverseCookiePath /myapp /
这是我最后的VirtualHost
,现在会话在请求之间保持不变。
<VirtualHost *:80>
ServerName mydom.com
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/myapp/
ProxyPassReverse / http://127.0.0.1:8080/myapp/
ProxyPassReverseCookiePath /emrahub-1.0.0 /
</VirtualHost>
答案 1 :(得分:0)
您是否正在使用Spring Security?也许你可以设置
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
(如果您要自己管理会话)