Spring+shiro session与线程池的坑
Posted ytxiao
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Spring+shiro session与线程池的坑相关的知识,希望对你有一定的参考价值。
在java web编程中,经常使用shiro来管理session,也确实好用
- shiro来获取session的方式
SecurityUtils.getSubject().getSession()
其中SecurityUtils的getSubject代码如下
/** * Returns the currently accessible @code Subject available to the calling code depending on * runtime environment. * <p/> * This method is provided as a way of obtaining a @code Subject without having to resort to * implementation-specific methods. It also allows the Shiro team to change the underlying implementation of * this method in the future depending on requirements/updates without affecting your code that uses it. * * @return the currently accessible @code Subject accessible to the calling code. * @throws IllegalStateException if no @link Subject Subject instance or * @link SecurityManager SecurityManager instance is available with which to obtain * a @code Subject, which which is considered an invalid application configuration * - a Subject should <em>always</em> be available to the caller. */ public static Subject getSubject() Subject subject = ThreadContext.getSubject(); if (subject == null) subject = (new Subject.Builder()).buildSubject(); ThreadContext.bind(subject); return subject;
Subject subject = ThreadContext.getSubject();
获取进程上下文,这个存在了问题,如果在使用线程池,获取的就是线程池里面的session,如果线程池为配置过期时间,那么线程池里面的线程一直不变,就会出现在线程池里面getsession就会是上一次的session,导致获取session失败
线程池原理可参考
https://www.cnblogs.com/ytxiao/articles/11081136.html
以上是关于Spring+shiro session与线程池的坑的主要内容,如果未能解决你的问题,请参考以下文章