Missing session attribute 'user' of type List 解决办法

 @GetMapping("/")
 public String index(@SessionAttribute(WebSecurityConfig.SESSION_KEY) List<Map<String, Object>>  list, Model model) {

            model.addAttribute("boy", list);

            return "index";
 }

像上面这样，获取 session,如果session为空，无法返回模板，会提示

Missing session attribute 'user' of type List   错误

 

解决方法如下：

用  HttpSession session  代替   @SessionAttribute(WebSecurityConfig.SESSION_KEY) List<Map<String, Object>> list

这个是控制器里面的

 @GetMapping("/")
    public String index(HttpSession session,Model model) {

        Object obj =  session.getAttribute(WebSecurityConfig.SESSION_KEY);
        model.addAttribute("boy", obj);
        System.out.println(WebSecurityConfig.SESSION_KEY);
        return "index";
    }

这样果session为空，也会返回模板，不会出错

templates下的模板 index.html如下：

<ul class="topNav">

            <li th:each="a:${boy}">
                <span th:text="${a.user_id}"></span>
                <span th:text="${a.user_name}"></span>

            </li>


        </ul>

 

 

WebSecurityConfig”类如下

package com.example.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

@Configuration
public class WebSecurityConfig extends WebMvcConfigurerAdapter{

    /**
     * 登录session key
     */
    public final static String SESSION_KEY = "user";

    @Bean
    public SecurityInterceptor getSecurityInterceptor() {
        return new SecurityInterceptor();
    }

    public void addInterceptors(InterceptorRegistry registry) {
        InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());

        // 排除配置
        //addInterceptor.excludePathPatterns("/error");
        addInterceptor.excludePathPatterns("/**");

        // 拦截配置
        addInterceptor.addPathPatterns("/admin/**");
    }

    private class SecurityInterceptor extends HandlerInterceptorAdapter {

        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
                throws Exception {
            HttpSession session = request.getSession();
            if (session.getAttribute(SESSION_KEY) != null)
                return true;

            // 跳转登录
            String url = "/login";
            response.sendRedirect(url);
            return false;
        }
    }
}

 

登录那边的代码如下：

// 用户登录
    public boolean login(String loginname, String password,HttpSession session) {

        sql = "select * from user where user_name = '"
                + loginname + "' and password = '"
                + password + "'";
        list = jdbcTemplate.queryForList(sql);
        if (!list.isEmpty()) {

            // 设置session
            session.setAttribute(WebSecurityConfig.SESSION_KEY, list );


            System.out.println(WebSecurityConfig.SESSION_KEY);

            flag = true;
        } else {
            flag = false;
        }
        return flag;
    }