好的,我希望我的Web应用程序能够在多个Web服务器上使用HTTP会话.我也不能使用粘性会话或会话复制!
Spring Security处理HTTP会话的最佳实践是什么?Spring提供OOTB吗?或者它是否有选项将会话信息存储到数据库?SecurityContextPersistenceFilter?
我有如下的Web.xml:
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/api/secure/*</url-pattern>
</filter-mapping>
[编辑]
在我添加了spring security之后,我得到了错误!
java.lang.IllegalStateException:找不到WebApplicationContext:没有注册ContextLoaderListener?
然后我补充道
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/mvc-dispatcher-servlet.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
然后它似乎工作正常,但然后1)问题是豆被创建两次!
如果我只删除它:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/mvc-dispatcher-servlet.xml
</param-value>
</context-param>
但是<listener>当时Web应用程序根本不运行
[额外]
完整的Web.xml如下:
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>Spring MVC Application</display-name>
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/api/secure/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/mvc-dispatcher-servlet.xml
</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener> …我读了关于Java的字符串池的这个问题 并理解了字符串池的基本概念,但仍然不理解这种行为.
第一:如果您直接分配值,则它可以工作,并且s1和s2都引用池中的同一对象
String s1 = "a" + "bc";
String s2 = "ab" + "c";
System.out.println("s1 == s2? " + (s1 == s2));
但是如果我改变字符串s1 + ="d",那么池应该有一个字符串对象"abcd"?那么当我更改s2 + ="d"时,它应该在池中找到字符串对象"abcd",并将对象分配给s2?但它没有,它们不会被引用到同一个对象.这是为什么?
String s1 = "abc";
String s2 = "abc";
System.out.println("s1 == s2? " + (s1 == s2));
s1 += "d";
s2 += "d";
System.out.println("s1 == s2? " + (s1 == s2));
我正在尝试使用MockMVC设置Junit测试.
从这个链接 - "要么不能使用Servlet API,要么你需要在类路径上提供它".
我在pom.xml中添加了以下内容但是没有用.任何的想法?
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
这是跟踪
org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [org.springframework.test.context.web.WebDelegatingSmartContextLoader]: Constructor threw exception; nested exception is java.lang.NoClassDefFoundError: javax/servlet/ServletContext
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:163)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:105)
at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:130)
at org.springframework.test.context.ContextLoaderUtils.resolveContextLoader(ContextLoaderUtils.java:118)
at org.springframework.test.context.ContextLoaderUtils.buildMergedContextConfiguration(ContextLoaderUtils.java:594)
at org.springframework.test.context.ContextLoaderUtils.buildMergedContextConfiguration(ContextLoaderUtils.java:560)
at org.springframework.test.context.TestContext.<init>(TestContext.java:99)
at org.springframework.test.context.TestContextManager.<init>(TestContextManager.java:117)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.createTestContextManager(SpringJUnit4ClassRunner.java:119)
at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.<init>(SpringJUnit4ClassRunner.java:108)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at org.junit.internal.builders.AnnotatedBuilder.buildRunner(AnnotatedBuilder.java:31)
at org.junit.internal.builders.AnnotatedBuilder.runnerForClass(AnnotatedBuilder.java:24)
at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:57)
at org.junit.internal.builders.AllDefaultPossibilitiesBuilder.runnerForClass(AllDefaultPossibilitiesBuilder.java:29)
at org.junit.runners.model.RunnerBuilder.safeRunnerForClass(RunnerBuilder.java:57)
at org.junit.internal.requests.ClassRequest.getRunner(ClassRequest.java:24)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:63)
Caused by: java.lang.NoClassDefFoundError: javax/servlet/ServletContext
at org.springframework.test.context.web.WebDelegatingSmartContextLoader.<init>(WebDelegatingSmartContextLoader.java:36)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native …它可能只是angularjs问题!我对前端和角度很新.
我有一个angularjs登录服务,调用url'/ signin/facebook /'登录,似乎后端被正确重定向并调用facebook oauth但我得到了跟随错误.
[Angularjs签到服务]
app.factory('fbSigninService', function($http){
return{
fb_signin:function(scope){
var $promise=$http.post('/signin/facebook/',JSON.stringify(scope));
}
}
});
[错误]
XMLHttpRequest cannot load https://www.facebook.com/v1.0/dialog/oauth?client_id=xxxxxxxxxxxxxxx&respon…t%3A8080%2Fsignin%2Ffacebook%2F&state=12431991-7555-4ed4-90b9-728e11c721f0. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
所以当我从浏览器控制台直接点击链接时出错,它验证正常!
https://www.facebook.com/v1.0/dialog/oauth?client_id=xxxxxxxxxxxxxxx&respon…t%3A8080%2Fsignin%2Ffacebook%2F&state=12431991-7555-4ed4-90b9-728e11c721f0
我不认为,javascript假设调用facebook auth,javascript应该调用相同的主机'/ signin/facebook /'然后后端应该让facebook auth调用???
1)我已更新代码以允许交叉原点但仍然得到相同的错误.2)当我再次重新读取错误时,它实际上说"facebook"没有'具有'Access-Control-Allow-Origin'标头出现在所请求的资源上.
所以问题是,我应该如何从angularjs调用 - > java api - >重定向到facebook登录页面?
【JAVA]
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
[接头]
Request URL:http://localhost:8080/index.html
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8 …如何查询字段而不是整个对象?我想做那样的事情,想看到那可能吗?
public BigInteger findUserIDWithRegisteredEmail(String email){
Query query = Query.query(Criteria.where("primaryEmail").is (email));
query.fields().include("_id");
return (BigInteger) mongoTemplate.find(query, BigInteger.class);
}
问题是我的数据库配置文件具有“user”值,并且我正在使用 PropertySource 并尝试获取该值,但 SystemEnvironmentPropertySource 具有也具有“user”值的优先级。
那么如何指定 DBConfiguration 类使用database.config 的用户呢?
PS - 我无法更改配置名称,因为许多应用程序正在使用它。
@PropertySource("file:/config/database.config")
public class DBConfiguration {
@Value("${user}")
private String user;
.....
}
我想查询所有用户组的 ID,其中管理员的 ID="25160228446835585906563830293" 或用户的 ID ="25160228446835585906563830293"。
这是 java obj 中的 hashmap 键值对 hashmap<String,Date>
"25160228446835585906563830293" : ISODate("2013-03-26T04:51:36.731Z")
{ "_id" : ObjectId("51512958849ca4748271c640"),
"_class" : "com.pcd.app.model.UserGroup",
"groupName" : "sdfsadfsad",
"privacyType" : "PRIVACY_OPEN",
"approvalType" : "MEMBER_APPROVAL",
"groupDescription" : "test",
"admins" : {
"25160228446835585906563830293" : ISODate("2013-03-26T04:51:36.731Z"),
"25160228446835585906563830294" : ISODate("2013-03-26T04:51:36.731Z"),
"25160228446835585906563830295" : ISODate("2013-03-26T04:51:36.731Z")
},
"users" : {
"25160228446835585906563830296" : ISODate("2013-03-26T04:51:36.731Z")
}
}