我的情况类似于我的情况 . 首先我只是在后端使用 SecurityContextHolder.clearContext() 但是它会使会话保持活动状态,然后我继续会话失效并将任何现有的cookie年龄设置为0.但是我面对另一个问题,如下所述 .
org.springframework.web.util.NestedServletException:请求处理失败;嵌套异常是org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:982)中的java.lang.NullPointerException,位于javax.servlet的org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:866) .http.HttpServlet.service(HttpServlet.java:635)位于org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851)的javax.servlet.http.HttpServlet.service(HttpServlet.java:742)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter在org.apache.tomcat.websocket.server.WsFilter(ApplicationFilterChain.java:231)在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) . 的doFilter(WsFilter.java:52)在org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)在org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)在org.springframework .security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainP roxy.java:320)在org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)在org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java: 91)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)在org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)在org.springframework.security位于org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter的org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)中的.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334) (FilterChainProxy.java:334)org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)org.springframework.security.web.FilterChainProxy $ Virtua lFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)at org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java: 334)在org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)在org.springframework.security Org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFil (FilterChainProxy.java:334)org.springframework.security.we上的org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) b.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter . 的java:107)在org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334)在org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)在org.springframework位于org.springframework.web.filter的org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)的.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334) .OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)org.springframework.sec上的org.springframework.security.web.FilterChainProxy $ VirtualFilterChain.doFilter(FilterChainProxy.java:334) urg.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java: 357)org.apache.workCilalCore上的org.apache文件 . 我在org.apache上发表了一个org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)的org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:270) .doFilter(ApplicationFilterChain.java:166)atorg.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)org.apringframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( ApplicationFilterChain.java:193)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)atg.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109)org.springframework.web .filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) )org.apac上的org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)来自org.apringframework.session.web.http.SessionRepositoryFilter.doFilterInternal的org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)中的he.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) SessionRepositoryFilter.java:147)org.apache上的org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81) .catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java) :107)在com.boo的org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)中的kstore.config.RequestFilter.doFilter(RequestFilter.java:30)位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166)org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)at org.apache.catalina.authenticator.AuthenticatorBase .invoke(AuthenticatorBase.java:493)org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)at org . 位于org.apache.catalina.connevice.CoyoteAdapter.service(CoyoteAdapter.java:342)的apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)位于org.apache.coyote.http11.Http11Processor.service(Http11Processor . java:800)at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:6 6)org.apache.coyote.AbstractProtocol $ ConnectionHandler.process(AbstractProtocol.java:806)org.apache.tomcat.util.net.NioEndpoint $ SocketProcessor.doRun(NioEndpoint.java:1498)org.apache.tomcat .util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624) )at org.apache.tomcat.util.threads.TaskThread $ WrappingRunnable.run(TaskThread.java:61)at java.lang.Thread.run(Thread.java:748)引起:com的java.lang.NullPointerException . book.controller.LoginResource.logout(LoginResource.java:53)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)at sun.reflect.DelegatingMethodAccessorImpl.invoke( DelegatingMethodAccessorImpl.java:43)在org.springframework.web.method.support.In的java.lang.reflect.Method.invoke(Method.java:498) vocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:209)org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle( ServletInvocableHandlerMethod.java:102)org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:891)at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal( RequestMappingHandlerAdapter.java:797)org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:991)at org .springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925)at atorg.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974)
当我退出时,我在角度使用此服务:
logout(){
let url="http://localhost:8090/user/logout";
const xToken = localStorage.getItem('xAuthToken');
let headers=new Headers({
'x-auth-token':xToken
});
return this.http.post(url,'',{headers:headers});
}
在后端,我想在注销时使用此方法清除所有活动会话和cookie:
@RequestMapping(value = "/user/logout",method=RequestMethod.POST)
public ResponseEntity logout(HttpServletRequest request, HttpServletResponse response) {
HttpSession session= request.getSession(false);
SecurityContextHolder.clearContext();
session= request.getSession(false);
if(session != null) {
session.invalidate();
}
for(Cookie cookie : request.getCookies()) {
cookie.setMaxAge(0);
}
return new ResponseEntity("Logout Successful !", HttpStatus.OK);
}
当我调试它在包含 HttpSession session 变量的第一行中爆发时,我猜 request.getSession(false) 返回null . 这个假设可能是假的或者是真的,我不确定 .
我很感谢你的帮助 . 谢谢你的合作 .