最近开发一个新项目采用Spring MVC+Spring+iBatis结构,出现了一个奇怪的现象,通过计算机名称可以正常访问,并且一切正常。而通过IP访问则会出现一个奇怪的现象:
登录系统后随便点哪个链接都会退出系统。下面贴出我的部分代码:
[b]配置文件[/b]
[code]<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="encodingInterceptor" class="com.cm.web.interceptor.EncodingInterceptor"/>
<bean id="securityInterceptor" class="com.cm.web.interceptor.SecurityInterceptor"/>
<bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="defaultErrorView">
<value>error</value>
</property>
<property name="exceptionMappings">
<props>
<prop key="java.lang.Exception">error</prop>
</props>
</property>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver">
<property name="basename"><value>cm</value></property>
<property name="defaultParentView"><value>modelView</value></property>
</bean>
<!--Not Need Logon.......................-->
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="interceptors">
<list>
<ref local="encodingInterceptor"/>
</list>
</property>
<property name="mappings">
<props>
<prop key="/login.do">accountController</prop>
<prop key="/loginproc.do">accountController</prop>
<prop key="/passwordmod.do">accountController</prop>
<prop key="/passmodprocess.do">accountController</prop>
<prop key="/forgetpassword.do">accountController</prop>
<prop key="/forgetpasswordprocess.do">accountController</prop>
</props>
</property>
</bean>
<!--Need Logon....................................-->
<bean id="securityUrlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="interceptors">
<list>
<ref local="encodingInterceptor"/>
<ref local="securityInterceptor"/>
</list>
</property>
<property name="mappings">
<props>
<prop key="/index.do">indexController</prop>
<prop key="/resource/resourceIndex.do">indexController</prop>
<prop key="/department/departmentMember.do">indexController</prop>
<prop key="/index/linkmanGcheng.do">indexController</prop>
<prop key="/index/linkmanJsdw.do">indexController</prop>
<prop key="/index/linkmanXy.do">indexController</prop>
<prop key="/index/customerXyIndex.do">indexController</prop>
<prop key="/index/customerDZD.do">indexController</prop>
</props>
</property>
</bean>
<bean id="cmMethodNameResolver" class="org.springframework.web.servlet.mvc.multiaction.PropertiesMethodNameResolver">
<property name="mappings">
<props>
<prop key="/login.do">handleLoginView</prop>
<prop key="/loginproc.do">handleLoginProcess</prop>
<prop key="/index.do">handleIndex</prop>
<prop key="/passwordmod.do">handleModifyPasswordView</prop>
<prop key="/passmodprocess.do">handleModifyPasswordProcess</prop>
<prop key="/forgetpassword.do">handelForgetPassword</prop>
<prop key="/forgetpasswordprocess.do">handleForgetPasswordProcess</prop>
<prop key="/resource/resourceIndex.do">handelIndexResource</prop>
<prop key="/department/departmentMember.do">handleDepartmentMember</prop>
<prop key="/index/linkmanGcheng.do">handleLinkmanGcheng</prop>
<prop key="/index/linkmanJsdw.do">handleLinkmanJsdw</prop>
<prop key="/index/linkmanXy.do">handleLinkmanXy</prop>
<prop key="/index/customerXyIndex.do">handleCustomerXyIndex</prop>
<prop key="/index/customerDZD.do">handleIndexCustomerDZD</prop>
</props>
</property>
</bean>
<bean id="accountController" class="com.cm.web.controller.AccountController">
<property name="methodNameResolver"><ref local="cmMethodNameResolver"/></property>
<property name="userService"><ref bean="userService"/></property>
</bean>
<bean id="indexController" class="com.cm.main.web.controller.IndexController">
<property name="methodNameResolver"><ref local="cmMethodNameResolver"/></property>
<property name="generalService"><ref bean="generalService"/></property>
<property name="userService"><ref bean="userService"/></property>
</bean>
</beans>[/code]
[b]登录代码[/b]
[code]
public class AccountController extends AbstractSuperController {
//登录系统代码
public ModelAndView handleLoginProcess(HttpServletRequest request,
HttpServletResponse response) throws ServletException {
try {
User user = new User();
String username = request.getParameter("username");
String password = request.getParameter("password");
user.setName(username);
user.setPassword(password);
user = userService.selectUserByUsernameAndPassword(user);
if (null != user) {
log.info("User " + user.getName() + " Department "
+ user.getCmdeptname() + " logon...................");
HttpSession session = request.getSession(true);
session.setMaxInactiveInterval(3600);
//WebUtils.setSessionAttribute(request, "user", user);
session.setAttribute("user", user);
Cookie cookie = new Cookie("username", encode(username));
cookie.setMaxAge(60 * 60 * 24 * 365);
response.addCookie(cookie);
return new ModelAndView(new RedirectView("/cm/index.do"));
}
} catch (Exception e) {
log.error("", e);
}
return new ModelAndView(new RedirectView("/cm/login.do"));
}
}[/code]
[b]拦截器代码[/b]
[code]public class SecurityInterceptor extends HandlerInterceptorAdapter {
protected final Log log = LogFactory.getLog(SecurityInterceptor.class);
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
// User user = (User) WebUtils.getSessionAttribute(request, "user");
// if (user == null) {
// ModelAndView modelAndView = new ModelAndView(new RedirectView(
// "/cm/login.do"));
// log.info("user is
// logout.............................................");
// throw new ModelAndViewDefiningException(modelAndView);
// } else {
// return true;
// }
ModelAndView modelAndView = new ModelAndView(new RedirectView(
"/cm/login.do"));
HttpSession session = request.getSession(false);
if (null == session)
{
throw new ModelAndViewDefiningException(modelAndView);
}
User user = (User) session.getAttribute("user");
if (user == null) {
log.info("#user is logout.............");
throw new ModelAndViewDefiningException(modelAndView);
}
return true;
}
}[/code]
因为我在拦截器中配置session失效则自动到首页。
在login.jsp页面写如下代码:
[code]<%
java.util.Enumeration headers = request.getHeaderNames();
while(headers.hasMoreElements())
{
String headName = (String)headers.nextElement();
String headValue = request.getHeader(headName);
out.println(headName+"="+headValue+"<br>");
}
%>[/code]
[b]打印出的结果如下:[/b]
[code]JSESSIONID=FKyzH2hmpdjJ2vZrZjY0HvM68K4FnvnDTrwLJm4ZT0hwR121tCCS!-401940707
JSESSIONID=FKyF42pkgshMDlKzPnv6tP196b2wrGqJH1Q4wVrhBTJSj16JnJm3!-401940707
JSESSIONID=FKyhDPvVrZ2zJfJkyCNQLTyDy2QBZ2ym6ZhsPJKGVQw19KxZm1Jm!-401940707[/code]
只贴出了JSESSIONID的部分,[color=red]我奇怪的是为什么浏览器会发送不同的JSESSIONID.
而通过计算机名称访问则没有任何问题。另外在本机部署一个老的应用用Struts开发,无论通过IP还是计算机名访问都无问题,第一次碰到这种问题,束手无策,另外声明我在web.xml中没有进行任何有关session的配置。[/color]
登录系统后随便点哪个链接都会退出系统。下面贴出我的部分代码:
[b]配置文件[/b]
[code]<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="encodingInterceptor" class="com.cm.web.interceptor.EncodingInterceptor"/>
<bean id="securityInterceptor" class="com.cm.web.interceptor.SecurityInterceptor"/>
<bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="defaultErrorView">
<value>error</value>
</property>
<property name="exceptionMappings">
<props>
<prop key="java.lang.Exception">error</prop>
</props>
</property>
</bean>
<bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver">
<property name="basename"><value>cm</value></property>
<property name="defaultParentView"><value>modelView</value></property>
</bean>
<!--Not Need Logon.......................-->
<bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="interceptors">
<list>
<ref local="encodingInterceptor"/>
</list>
</property>
<property name="mappings">
<props>
<prop key="/login.do">accountController</prop>
<prop key="/loginproc.do">accountController</prop>
<prop key="/passwordmod.do">accountController</prop>
<prop key="/passmodprocess.do">accountController</prop>
<prop key="/forgetpassword.do">accountController</prop>
<prop key="/forgetpasswordprocess.do">accountController</prop>
</props>
</property>
</bean>
<!--Need Logon....................................-->
<bean id="securityUrlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="interceptors">
<list>
<ref local="encodingInterceptor"/>
<ref local="securityInterceptor"/>
</list>
</property>
<property name="mappings">
<props>
<prop key="/index.do">indexController</prop>
<prop key="/resource/resourceIndex.do">indexController</prop>
<prop key="/department/departmentMember.do">indexController</prop>
<prop key="/index/linkmanGcheng.do">indexController</prop>
<prop key="/index/linkmanJsdw.do">indexController</prop>
<prop key="/index/linkmanXy.do">indexController</prop>
<prop key="/index/customerXyIndex.do">indexController</prop>
<prop key="/index/customerDZD.do">indexController</prop>
</props>
</property>
</bean>
<bean id="cmMethodNameResolver" class="org.springframework.web.servlet.mvc.multiaction.PropertiesMethodNameResolver">
<property name="mappings">
<props>
<prop key="/login.do">handleLoginView</prop>
<prop key="/loginproc.do">handleLoginProcess</prop>
<prop key="/index.do">handleIndex</prop>
<prop key="/passwordmod.do">handleModifyPasswordView</prop>
<prop key="/passmodprocess.do">handleModifyPasswordProcess</prop>
<prop key="/forgetpassword.do">handelForgetPassword</prop>
<prop key="/forgetpasswordprocess.do">handleForgetPasswordProcess</prop>
<prop key="/resource/resourceIndex.do">handelIndexResource</prop>
<prop key="/department/departmentMember.do">handleDepartmentMember</prop>
<prop key="/index/linkmanGcheng.do">handleLinkmanGcheng</prop>
<prop key="/index/linkmanJsdw.do">handleLinkmanJsdw</prop>
<prop key="/index/linkmanXy.do">handleLinkmanXy</prop>
<prop key="/index/customerXyIndex.do">handleCustomerXyIndex</prop>
<prop key="/index/customerDZD.do">handleIndexCustomerDZD</prop>
</props>
</property>
</bean>
<bean id="accountController" class="com.cm.web.controller.AccountController">
<property name="methodNameResolver"><ref local="cmMethodNameResolver"/></property>
<property name="userService"><ref bean="userService"/></property>
</bean>
<bean id="indexController" class="com.cm.main.web.controller.IndexController">
<property name="methodNameResolver"><ref local="cmMethodNameResolver"/></property>
<property name="generalService"><ref bean="generalService"/></property>
<property name="userService"><ref bean="userService"/></property>
</bean>
</beans>[/code]
[b]登录代码[/b]
[code]
public class AccountController extends AbstractSuperController {
//登录系统代码
public ModelAndView handleLoginProcess(HttpServletRequest request,
HttpServletResponse response) throws ServletException {
try {
User user = new User();
String username = request.getParameter("username");
String password = request.getParameter("password");
user.setName(username);
user.setPassword(password);
user = userService.selectUserByUsernameAndPassword(user);
if (null != user) {
log.info("User " + user.getName() + " Department "
+ user.getCmdeptname() + " logon...................");
HttpSession session = request.getSession(true);
session.setMaxInactiveInterval(3600);
//WebUtils.setSessionAttribute(request, "user", user);
session.setAttribute("user", user);
Cookie cookie = new Cookie("username", encode(username));
cookie.setMaxAge(60 * 60 * 24 * 365);
response.addCookie(cookie);
return new ModelAndView(new RedirectView("/cm/index.do"));
}
} catch (Exception e) {
log.error("", e);
}
return new ModelAndView(new RedirectView("/cm/login.do"));
}
}[/code]
[b]拦截器代码[/b]
[code]public class SecurityInterceptor extends HandlerInterceptorAdapter {
protected final Log log = LogFactory.getLog(SecurityInterceptor.class);
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
// User user = (User) WebUtils.getSessionAttribute(request, "user");
// if (user == null) {
// ModelAndView modelAndView = new ModelAndView(new RedirectView(
// "/cm/login.do"));
// log.info("user is
// logout.............................................");
// throw new ModelAndViewDefiningException(modelAndView);
// } else {
// return true;
// }
ModelAndView modelAndView = new ModelAndView(new RedirectView(
"/cm/login.do"));
HttpSession session = request.getSession(false);
if (null == session)
{
throw new ModelAndViewDefiningException(modelAndView);
}
User user = (User) session.getAttribute("user");
if (user == null) {
log.info("#user is logout.............");
throw new ModelAndViewDefiningException(modelAndView);
}
return true;
}
}[/code]
因为我在拦截器中配置session失效则自动到首页。
在login.jsp页面写如下代码:
[code]<%
java.util.Enumeration headers = request.getHeaderNames();
while(headers.hasMoreElements())
{
String headName = (String)headers.nextElement();
String headValue = request.getHeader(headName);
out.println(headName+"="+headValue+"<br>");
}
%>[/code]
[b]打印出的结果如下:[/b]
[code]JSESSIONID=FKyzH2hmpdjJ2vZrZjY0HvM68K4FnvnDTrwLJm4ZT0hwR121tCCS!-401940707
JSESSIONID=FKyF42pkgshMDlKzPnv6tP196b2wrGqJH1Q4wVrhBTJSj16JnJm3!-401940707
JSESSIONID=FKyhDPvVrZ2zJfJkyCNQLTyDy2QBZ2ym6ZhsPJKGVQw19KxZm1Jm!-401940707[/code]
只贴出了JSESSIONID的部分,[color=red]我奇怪的是为什么浏览器会发送不同的JSESSIONID.
而通过计算机名称访问则没有任何问题。另外在本机部署一个老的应用用Struts开发,无论通过IP还是计算机名访问都无问题,第一次碰到这种问题,束手无策,另外声明我在web.xml中没有进行任何有关session的配置。[/color]