web.xml中session监听调用springmvc注入的service方法

小LUA

博客园
首页
新闻
新随笔
联系
管理
订阅

随笔- 72  文章- 0  评论- 11 

Spring + Shiro 项目 + HttpSessionListener 【调用springService问题】&【Session失效问题】

功能描述：
当用户退出（主动）或者关闭浏览器（session超时）的时候，利用本次登录Ip更新上次登录IP。有人可能要问，你在用户登录的时候记录不就行了。可是我有两个字段，一个为本次登录IP，另外一个为上次登录IP。当用户退出的时候，本次登录IP也就成了上次登录IP。
 
首先解决的问题是：在Listener里面访问Service。
因为是基于注解开发，将Listener扫描和将Service成员变量注解@Autowired是不能解决问题的。运行起来会报空指针。

public class UserLeaveListener implements HttpSessionListener {

private UserService userService;

@Override
public void sessionCreated(HttpSessionEvent arg0) {
// 记录访问日志：IP

}

@Override
public void sessionDestroyed(HttpSessionEvent arg0) {
System.out.println("---SessionListener---");
//调用 session.invalidate(); 后，在这个方法里仍然可以获取到属性值

ApplicationContext applicationContext = WebApplicationContextUtils.getWebApplicationContext(
arg0.getSession().getServletContext());
userService = applicationContext.getBean(UserService.class);
HttpSession session = arg0.getSession();
User user = (User) session.getAttribute("user");
System.out.println("user:" + user);
//如果user不为空，代表超时退出。否则是主动退出
if(user != null){
System.out.println("用户超时退出：" + user.getUserName());
userService.updatePreIp(user.getUserId(), user.getUserCurIP());
}else{
System.out.println("用户已经退出");
}
}

}

核心代码便是

ApplicationContext applicationContext = WebApplicationContextUtils.getWebApplicationContext(
arg0.getSession().getServletContext());
userService = applicationContext.getBean(UserService.class);

 
第二个问题：在我的登出Controller方法中，我调用

session.invalidate();

后的确能够进入listener，也成功执行了service方法，但是却爆了错。这个错不影响什么，但是看起来难受

严重: Servlet.service() for servlet [springDispatcherServlet] in context with path [/target] threw exception [org.apache.shiro.session.InvalidSessionException: java.lang.IllegalStateException: getAttribute: Session already invalidated] with root cause
java.lang.IllegalStateExcepti
db7c
on: getAttribute: Session already invalidated
at org.apache.catalina.session.StandardSession.getAttribute(StandardSession.java:1190)
at org.apache.catalina.session.StandardSessionFacade.getAttribute(StandardSessionFacade.java:103)
at org.apache.shiro.web.session.HttpServletSession.getAttribute(HttpServletSession.java:146)
at org.apache.shiro.session.ProxiedSession.getAttribute(ProxiedSession.java:121)
at org.apache.shiro.subject.support.DelegatingSubject.getRunAsPrincipalsStack(DelegatingSubject.java:469)
at org.apache.shiro.subject.support.DelegatingSubject.getPrincipals(DelegatingSubject.java:153)
at org.apache.shiro.subject.support.DelegatingSubject.getPrincipal(DelegatingSubject.java:149)
at org.apache.shiro.web.servlet.ShiroHttpServletRequest.getSubjectPrincipal(ShiroHttpServletRequest.java:96)
at org.apache.shiro.web.servlet.ShiroHttpServletRequest.getUserPrincipal(ShiroHttpServletRequest.java:112)
at org.springframework.web.servlet.FrameworkServlet.getUsernameForRequest(FrameworkServlet.java:1091)
at org.springframework.web.servlet.FrameworkServlet.publishRequestHandledEvent(FrameworkServlet.java:1077)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1502)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1458)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)

看这句：

[org.apache.shiro.session.InvalidSessionException: java.lang.IllegalStateException: getAttribute: Session already invalidated]

可以知道这个shiro啊，他想找这个session玩，但是session已经不在了。经过查阅我猜整合了shiro之后，就得考虑shiro的感受了。那么shiro有没有退出的方法呢？

SecurityUtils.getSubject().logout();

原来有啊，我就在controller方法中把它也加上了。
运行成功之后，又报错了。

java.lang.IllegalStateException: invalidate: Session already invalidated

我很怀疑用了shiro之后，shiro就霸占了session。所以我就把session.invalidate去掉了
果然运行之后啥错误都没有了。

客户端地址：0:0:0:0:0:0:0:1
user:User [userId=14962441362734L7V7MF, userName=博美, ...]
用户主动退出：博美
---SessionListener---
user:User [userId=14962441362734L7V7MF, userName=博美, ...]
用户超时退出：博美
---SessionListener---
user:null
用户已经退出

这里说一下，虽然我们调用了让session失效的方法，但是等到session超时时间一到，会再次进入sessionListener中
 

本宝宝写的文章不一定是精华，但是希望对你有帮助，每一篇文章都是本宝宝亲自手写的，从来不复制粘贴，所以本宝宝仅仅希望转载的同学可以表明出处和作者！如有不对，欢迎指正，一定要指正啊！！