shiro中session缓存中关于JSESSIONID失效问题

考研期间,再次抽点时间来搞点开发(其实上的课不想听又放不下之前弄了一半的东西,所以有点开小差了.....),哈哈。用一个小dmeo来学习shiro的权限分配管理,在学习其中的在线会话管理,要用到sesssion管理,结果跟着张凯涛的shiro教程学到这里后使用了自定义实现的缓存管理和session管理,碰到了这么个错误。

    测试的时候一直是拿后台的登录页面进行测试。在最初请求该页面时,shirofilter会拦截到请求,将拦截到的request交给securityManager中的sessionManager来出来,为请求添加session会话,当然在sessionManager中所有有管session的增删改查都是交由sessionDao来处理的,所以首先怀疑到了sessionDao有问题。

使用自定义的sessionDao报错如下:

2018-05-14 18:39:45 -25802 [http-bio-8080-exec-142] DEBUG   - Found 'JSESSIONID' cookie value [C2CCB39E36A18CB160E715E0EB2B81B6]
2018-05-14 18:39:45 -25825 [http-bio-8080-exec-142] DEBUG   - doReadSession >>>>>> SessionId=C2CCB39E36A18CB160E715E0EB2B81B6

所以改为用shiro自带的EnterpriseCacheSessionManager结果,错误就比较明显了:

2018-05-14 18:38:42 -17883 [http-bio-8080-exec-140] DEBUG   - Found 'JSESSIONID' cookie value [C2CCB39E36A18CB160E715E0EB2B81B6]
com.lu.upms.shiro.session.EnterpriseCacheSessionDAO.doReadSession()
2018-05-14 18:38:42 -17906 [http-bio-8080-exec-140] DEBUG   - Resolved SubjectContext context session is invalid.  Ignoring and creating an anonymous (session-less) Subject instance.
org.apache.shiro.session.UnknownSessionException: There is no session with id [C2CCB39E36A18CB160E715E0EB2B81B6]
	at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
	at org.apache.shiro.session.mgt.eis.CachingSessionDAO.readSession(CachingSessionDAO.java:261)
	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
	at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
	at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118)
	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148)
	at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getSession(AbstractNativeSessionManager.java:140)
	at org.apache.shiro.mgt.SessionsSecurityManager.getSession(SessionsSecurityManager.java:156)
	at org.apache.shiro.mgt.DefaultSecurityManager.resolveContextSession(DefaultSecurityManager.java:456)
	at org.apache.shiro.mgt.DefaultSecurityManager.resolveSession(DefaultSecurityManager.java:442)
	at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:338)
	at org.apache.shiro.subject.Subject$Builder.buildSubject(Subject.java:846)
	at org.apache.shiro.web.subject.WebSubject$Builder.buildWebSubject(WebSubject.java:148)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.createSubject(AbstractShiroFilter.java:292)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:359)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)
2018-05-14 18:38:42 -17923 [http-bio-8080-exec-140] DEBUG   - DispatcherServlet with name 'springMVC' processing GET request for [/lucms/manager/login]
2018-05-14 18:38:42 -17924 [http-bio-8080-exec-140] DEBUG   - Looking up handler method for path /manager/login
2018-05-14 18:38:42 -17927 [http-bio-8080-exec-140] DEBUG   - Returning handler method [public java.lang.String com.lu.cms.controller.LoginController.login()]
2018-05-14 18:38:42 -17927 [http-bio-8080-exec-140] DEBUG   - Returning cached instance of singleton bean 'loginController'
2018-05-14 18:38:42 -17928 [http-bio-8080-exec-140] DEBUG   - Last-Modified value for [/lucms/manager/login] is: -1
2018-05-14 18:38:42 -17946 [http-bio-8080-exec-140] DEBUG   - Invoking afterPropertiesSet() on bean with name '/manager/login'
2018-05-14 18:38:42 -17946 [http-bio-8080-exec-140] DEBUG   - Rendering view [org.springframework.web.servlet.view.JstlView: name '/manager/login'; URL [/views//manager/login.jsp]] in DispatcherServlet with name 'springMVC'
2018-05-14 18:38:42 -17951 [http-bio-8080-exec-140] DEBUG   - Forwarding to resource [/views//manager/login.jsp] in InternalResourceView '/manager/login'
2018-05-14 18:38:43 -18090 [http-bio-8080-exec-140] DEBUG   - Creating new EIS record for new session instance [com.lu.upms.shiro.session.UpmsSession,id=null]
com.lu.upms.shiro.session.EnterpriseCacheSessionDAO.doCreate()
2018-05-14 18:38:43 -18091 [http-bio-8080-exec-140] ERROR   - set cache shiro-demo-cache:b1be7c3c-d2ff-4d57-ac7b-a285d75ace61 error!
com.lu.upms.shiro.session.EnterpriseCacheSessionDAO.doUpdate()
2018-05-14 18:38:43 -18091 [http-bio-8080-exec-140] ERROR   - set cache shiro-demo-cache:b1be7c3c-d2ff-4d57-ac7b-a285d75ace61 error!
2018-05-14 18:38:43 -18092 [http-bio-8080-exec-140] DEBUG   - Added HttpServletResponse Cookie [JSESSIONID=b1be7c3c-d2ff-4d57-ac7b-a285d75ace61; Path=/lucms; HttpOnly]
2018-05-14 18:38:43 -18092 [http-bio-8080-exec-140] DEBUG   - 会话创建:b1be7c3c-d2ff-4d57-ac7b-a285d75ace61
com.lu.upms.shiro.session.EnterpriseCacheSessionDAO.doReadSession()
2018-05-14 18:38:43 -18299 [http-bio-8080-exec-140] DEBUG   - Successfully completed request
com.lu.upms.shiro.session.EnterpriseCacheSessionDAO.doReadSession()

看第二条报错信息就明白了,创建的session无效,根本就没有写入到redis里面,所以之后的对于sesisonId的查询也就是空的了。

解决:就是自定义一个不与容器冲突的SEESIONID


        

        
        
    

    
    
        
    


        ...


你可能感兴趣的:(shiro)