我尝试过:
@WebServlet(urlPatterns = "/TestServlet")
public class TestServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
VaadinSession session = VaadinSession.getCurrent();
// session is null
}
}
上下文:我有一些标准 servlet 与我的普通 Vaadin 应用程序混合在一起。例如,它们处理一些下载或打印请求。但我需要一种方法来检查登录/权限。
我认为你可以使用 Spring Security 来达到此目的。
请检查此答案以了解如何使用它 Spring Security 如何在 Servlet 上工作
这是我用来解决这个问题的方法。
它需要将 Spring 的
RequestFilter
安装为 servlet 过滤器。如果您使用 Spring,这通常会自动发生,或者如果您没有使用 Spring,则可以独立添加它。
import com.google.common.base.Preconditions;
import com.vaadin.flow.server.VaadinSession;
import com.vaadin.flow.server.VaadinSessionState;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Optional;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
public final class VaadinSessionFinder {
private VaadinSessionFinder() {
}
/**
* Find the {@link VaadinSession} associated with the current HTTP request.
*
* <p>
* The session is found by directly inspecting the current HTTP session, so this will work
* even if the current thread is not executing within the Vaadin servlet.
*
* <p>
* This method relies on Spring's {@link RequestContextHolder} to locate the current HTTP request.
*
* @return the {@link VaadinSession} associated with the current HTTP request, if any
*/
public static Optional<VaadinSession> find() {
// Get the current HTTP request
final HttpServletRequest request = (HttpServletRequest)RequestContextHolder.currentRequestAttributes()
.resolveReference(RequestAttributes.REFERENCE_REQUEST);
// Find the VaadinSession in the HTTP session (this logic follows VaadinService.java)
final String servletName = request.getHttpServletMapping().getServletName();
final String attributeName = String.format("%s.%s", VaadinSession.class.getName(), servletName);
return Optional.ofNullable(request.getSession(false))
.map(session -> session.getAttribute(attributeName))
.map(VaadinSession.class::cast);
}
/**
* Invoke the given action in the context of the {@link VaadinSession} associated with the current HTTP request.
*
* @param action the action to perform
* @return true if successfully dispatched, false if {@code session} is not in state {@link VaadinSessionState#OPEN}
* @throws IllegalStateException if there is no current HTTP request or {@link VaadinSession} associated with it
* @throws IllegalArgumentException if {@code action} is null
*/
public static boolean access(Runnable action) {
Preconditions.checkArgument(action != null, "null action");
final VaadinSession session = VaadinSessionFinder.find()
.orElseThrow(() -> new IllegalStateException("no VaadinSession found"));
if (!VaadinSessionState.OPEN.equals(session.getState()))
return false;
session.access(action::run);
return true;
}
}