人最宝贵的是生命。它给予我们只有一次。人的一生应当这样度过:当他回首往事时不因虚度年华而悔恨,也不因碌碌无为而羞耻。这样在他临死的时侯就能够说:"我已把我整个的生命和全部精力都献给最壮丽的事业—为人类的解放而斗争"。新浪微博

Spring+shiro session与线程池的坑

在java web编程中,经常使用shiro来管理session,也确实好用

  1. shiro来获取session的方式

SecurityUtils.getSubject().getSession()

其中SecurityUtils的getSubject代码如下

/**
     * Returns the currently accessible {@code Subject} available to the calling code depending on
     * runtime environment.
     * <p/>
     * This method is provided as a way of obtaining a {@code Subject} without having to resort to
     * implementation-specific methods.  It also allows the Shiro team to change the underlying implementation of
     * this method in the future depending on requirements/updates without affecting your code that uses it.
     *
     * @return the currently accessible {@code Subject} accessible to the calling code.
     * @throws IllegalStateException if no {@link Subject Subject} instance or
     *                               {@link SecurityManager SecurityManager} instance is available with which to obtain
     *                               a {@code Subject}, which which is considered an invalid application configuration
     *                               - a Subject should <em>always</em> be available to the caller.
     */
    public static Subject getSubject() {
        Subject subject = ThreadContext.getSubject();
        if (subject == null) {
            subject = (new Subject.Builder()).buildSubject();
            ThreadContext.bind(subject);
        }
        return subject;
    }

  

 

Subject subject = ThreadContext.getSubject();

获取进程上下文,这个存在了问题,如果在使用线程池,获取的就是线程池里面的session,如果线程池为配置过期时间,那么线程池里面的线程一直不变,就会出现在线程池里面getsession就会是上一次的session,导致获取session失败

 

线程池原理可参考

https://www.cnblogs.com/ytxiao/articles/11081136.html

posted @ 2019-06-25 14:13  草根玉堂  阅读(2481)  评论(4编辑  收藏  举报