如何从普通 Servlet 访问 VaadinSession?

问题描述 投票:0回答:2

我尝试过:

@WebServlet(urlPatterns = "/TestServlet")
public class TestServlet extends HttpServlet {
  @Override
  protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
   VaadinSession session = VaadinSession.getCurrent();
   // session is null
  }
}

上下文:我有一些标准 servlet 与我的普通 Vaadin 应用程序混合在一起。例如,它们处理一些下载或打印请求。但我需要一种方法来检查登录/权限。

session servlets vaadin vaadin8
2个回答
0
投票

我认为你可以使用 Spring Security 来达到此目的。

请检查此答案以了解如何使用它 Spring Security 如何在 Servlet 上工作


0
投票

这是我用来解决这个问题的方法。

它需要将 Spring 的

RequestFilter
安装为 servlet 过滤器。如果您使用 Spring,这通常会自动发生,或者如果您没有使用 Spring,则可以独立添加它。

import com.google.common.base.Preconditions;
import com.vaadin.flow.server.VaadinSession;
import com.vaadin.flow.server.VaadinSessionState;

import jakarta.servlet.http.HttpServletRequest;

import java.util.Optional;

import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;

public final class VaadinSessionFinder {

    private VaadinSessionFinder() {
    }

    /**
     * Find the {@link VaadinSession} associated with the current HTTP request.
     *
     * <p>
     * The session is found by directly inspecting the current HTTP session, so this will work
     * even if the current thread is not executing within the Vaadin servlet.
     *
     * <p>
     * This method relies on Spring's {@link RequestContextHolder} to locate the current HTTP request.
     *
     * @return the {@link VaadinSession} associated with the current HTTP request, if any
     */
    public static Optional<VaadinSession> find() {

        // Get the current HTTP request
        final HttpServletRequest request = (HttpServletRequest)RequestContextHolder.currentRequestAttributes()
          .resolveReference(RequestAttributes.REFERENCE_REQUEST);

        // Find the VaadinSession in the HTTP session (this logic follows VaadinService.java)
        final String servletName = request.getHttpServletMapping().getServletName();
        final String attributeName = String.format("%s.%s", VaadinSession.class.getName(), servletName);
        return Optional.ofNullable(request.getSession(false))
          .map(session -> session.getAttribute(attributeName))
          .map(VaadinSession.class::cast);
    }

    /**
     * Invoke the given action in the context of the {@link VaadinSession} associated with the current HTTP request.
     *
     * @param action the action to perform
     * @return true if successfully dispatched, false if {@code session} is not in state {@link VaadinSessionState#OPEN}
     * @throws IllegalStateException if there is no current HTTP request or {@link VaadinSession} associated with it
     * @throws IllegalArgumentException if {@code action} is null
     */
    public static boolean access(Runnable action) {
        Preconditions.checkArgument(action != null, "null action");
        final VaadinSession session = VaadinSessionFinder.find()
          .orElseThrow(() -> new IllegalStateException("no VaadinSession found"));
        if (!VaadinSessionState.OPEN.equals(session.getState()))
            return false;
        session.access(action::run);
        return true;
    }
}
© www.soinside.com 2019 - 2024. All rights reserved.