セッションHTTP - 春と角2

Question

春の起動アプリケーションに認証機能を追加する際に問題があります。 以下のようにセッションパターンを実装しました。

AdminSession.java

@Component 
@Scope(value="session", proxyMode = ScopedProxyMode.TARGET_CLASS) 
public class AdminSession { 
private final String id = UUID.randomUUID().toString(); 
private Admin admin; 

public String getId() { 
    return id; 
} 

public Admin getAdmin() { 
    return admin; 
} 

public void setAdmin(Admin admin) { 
    this.admin = admin; 
} 
} 

AdminController.java

@RequestMapping("/admin") 
@CrossOrigin 
@RestController 
public class AdminController extends RestAbstractController<Admin, AdminService>{ 
@Autowired 
private AdminService adminService; 
@Autowired 
private AdminSession adminSession; 


@RequestMapping(value="/auth",method=RequestMethod.POST) 
public ResponseEntity<Admin> auth(
@RequestParam("pseudo") String pseudo, 
@RequestParam("password") String password, 
){ 
Admin a = this.adminService.auth(pseudo, password); 
if(a instanceof Admin) { 
this.adminSession.setAdmin(a); 
System.out.println("[DEBUG] Login "+this.adminSession.getAdmin()); 
this.displaySessionInfo(); 
}else System.err.println("[ERROR] a is not Admin instance"); 
return new ResponseEntity<Admin>(a,HttpStatus.ACCEPTED); 
} 

public Admin add(@RequestBody Admin admin){ 
if(!this.adminService.exist(admin.getPseudo())){ 
return super.add(admin); 
}else return new Admin(); 

} 

@RequestMapping("/isAuth") 
public Admin isAuth(){ 

this.displaySessionInfo(); 
return this.adminSession.getAdmin(); 

} 

private void displaySessionInfo(){ 
System.out.println("[DEBUG] Session info : "+this.adminSession.getId()+" "+this.adminSession.getAdmin()+" "+this.adminSession.toString()); 
} 


} 

問題は、私は角度側に接続しようとすると、春はセッション中にユーザーを正しく保存していることです。しかし、ログイン後にURL '/ admin/isAuth'にアクセスしようとすると、セッションは同じではありません。

コンソールログ

2017-05-03 19:08:52.258 INFO 756 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet  : FrameworkServlet 'dispatcherServlet': initialization completed in 124 ms 
# FIRST LOGIN 
[DEBUG] Client connexion : 127.0.0.1 on /admin/auth 
[DEBUG] Login root 
[DEBUG] Session info : 31e7a837-7b0e-4bcc-83a2-b5297a76d2e0 root fr.-----.session.AdminSession@6039cb34 
# LOGIN SUCCESSFUL 
# CHECK IS LOGIN 
[DEBUG] Client connexion : 127.0.0.1 on /admin/isAuth 
[DEBUG] Session info : f83ba190-0faa-480b-be1d-4b2745d4a168 null fr.-----.session.AdminSession@6052863f 

側度2

Admin.service.ts

auth(pseudo:string,password:string):Observable<Admin>{ 
let headers = new Headers({ 'Content-Type': 'application/x-www-form-urlencoded;' }); 
let options = new RequestOptions({ headers: headers }); 
return this.http.post(this.provider.getURL()+"/admin/auth","pseudo="+pseudo+"&password="+password,options) 
.map(this.extractData); 
} 

Login.component.ts私は私のHTTPセッションを失ったのはなぜ

submit(){ 
    this.process=true; 
    this.adminService.auth(this.pseudo,this.password).subscribe(t=>{ 
     this.adminService.isAuth(); 
     this.process=false; 
     this.adminService.isAuthentified = true; 
     this.provider.tokenSession = t; 
     this.adminService.isAuth().subscribe(t=>console.log("Test login")); 
     this.router.navigate(['/']); 
    },err=>console.error(err)); 
    } 

？

ありがとうございました。 "providerService" 私は、Webサービスの春にジュストIPアクセスを持っているで

Answer 1

AdminService.java

@Service 
public class AdminService extends RestAbstractService<Admin, AdminRepository>{ 

    @Autowired 
    private AdminRepository adminRepository; 

    public Admin auth(String pseudo, String password, AdminSession adminSession){ 
     Admin a = this.adminRepository.findAdminByPseudo(pseudo); 
     if(a instanceof Admin) 
      if(a.getPassword().equals(password)) { 
       adminSession.setAdmin(a); 
       a.setPassword(null); 
       return a; 
      } 
      else return null; 
     else if(pseudo.equals("root") & Admin.root.getPassword().equals(password)) 
      return Admin.root; 
     else return null; 
    } 

    public boolean exist(String pseudo){ 
     return this.adminRepository.findAdminByPseudo(pseudo) instanceof Admin; 
    } 

    public boolean isAuth(AdminSession adminSession){ 
     return adminSession.getAdmin() instanceof Admin; 
    } 


    public void logout(AdminSession adminSession){ 
     adminSession.setAdmin(null); 
    } 
} 

Admin.service.ts

@Injectable() 
export class AdminService { 
    isAuthentified:boolean; 
    constructor(private provider :ProviderService, private http:Http) { } 

    auth(pseudo:string,password:string):Observable<Admin>{ 
    let headers = new Headers({ 'Content-Type': 'application/x-www-form-urlencoded;' }); 
    let options = new RequestOptions({ headers: headers }); 
    return this.http.post(this.provider.getURL()+"/admin/auth","pseudo="+pseudo+"&password="+password,options) 
     .map(this.extractData); 
    } 

    isAuth():Observable<boolean>{  
    let headers = new Headers({ 'Content-Type': 'application/json;', 'token': this.provider.tokenSession.token}); 
    let options = new RequestOptions({ headers: headers }); 
    return this.http.get(this.provider.getURL()+"/admin/isAuth",) 
     .map(this.extractBoolean); 
    } 

    private extractData(res: Response) { 
    let body = res.json(); 
    return body; 
    } 

    private extractBoolean(res:Response){ 
    this.isAuthentified = res.text() === 'true'; 
    return this.isAuthentified; 
    } 


    private handleError (error: Response | any) { 
    let errMsg: string; 
    if (error instanceof Response) { 
     const body = error.json() || ''; 
     const err = body.error || JSON.stringify(body); 
     errMsg = `${error.status} - ${error.statusText || ''} ${err}`; 
    } else { 
     errMsg = error.message ? error.message : error.toString(); 
    } 
    console.error(errMsg); 
    return Observable.throw(errMsg); 
    } 

} 

。

Answer 2

私はこの問題を特定しました。 I'ts side Angular 2. eatchリクエストの場合、ヘッダーには 'withCredentials'が必要です。

export class MyService { 
    private httpGetOptions : RequestOptions = new RequestOptions({ withCredentials: true }); 

    getSomeone(): Observable<any> { 
    return this.http.get(url,this.httpGetOptions); 
    } 
}