发表新帖
发表新帖

Session mix up - apache httpd with mod_jk, tomcat, spring security - serving data of other user

前端 未结
关注
5 1497
孤城傲影
孤城傲影 2021-01-13 10:07

Recently we have faced a serious problem, that one user was served data of another user. This problem is almost impossible to reproduce.

We are using standard logged

5条回答
  • 南笙
    南笙 (楼主)
    2021-01-13 10:34

    When you integrate JSF and Spring, the JSF dependency injection conflicts with Spring dependency injection so Spring rewrote the JSF module that handles that to just wrap Spring DI instead. So when I declare a JSF ManagedBean as Session Scoped, I must also give it a @Controller annotation so that it is recognized as a Spring Bean as well.

    For More info, See this.

    0 讨论(0)
 看不清?
提交回复
热议问题