当前不存在 HttpSession，HttpSession 中没有可用的 SecurityContext：null。将创建一个新的

Question

应用程序在本地机器上工作正常，但在服务器中面临自动会话超时。

DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No HttpSession currently exists
02:45:03.270 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
02:45:03.270 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 2 of 10 in additional filter chain; firing Filter: 'LogoutFilter'
02:45:03.270 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 3 of 10 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
02:45:03.270 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 4 of 10 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
02:45:03.270 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 5 of 10 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
02:45:03.271 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 6 of 10 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
02:45:03.271 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 7 of 10 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
02:45:03.271 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@6faa3d44: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff4c9c: RemoteIpAddress: 10.92.0.136; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
02:45:03.271 [http-nio-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /web/filerequeststransactionses/?page=3&size=10 at position 8 of 10 in additional filter chain; firing Filter: 'SessionManagementFilter'

using these properties in pom.xml

Answer 1

您可能会将服务器匿名会话（访问站点）与与服务器的实际登录会话混淆。 无论哪种方式，您都可以创建一个 http 会话，并且正如错误所说，它在第一次访问时无论如何都会创建一个。 会话对象是如何保存的。 可能是您如何在测试本地主机中关联保持会话的域故障。 或者它可能是服务器对 cookie 和其中的域路径的一些依赖（也许当它应该在 cookie 中更改时表示 localhost - 例如配置 xml）。