Announcement Announcement Module
Collapse
No announcement yet.
hibernate4-springsecurity No Session found for current thread Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • hibernate4-springsecurity No Session found for current thread

    Hi
    When I startup my application,I'v got an Exception when invokes loading resource define method
    Code:
    Caused by: org.hibernate.HibernateException: No Session found for current thread
    	at org.springframework.orm.hibernate4.SpringSessionContext.currentSession(SpringSessionContext.java:97)
    	at org.hibernate.internal.SessionFactoryImpl.getCurrentSession(SessionFactoryImpl.java:980)
    	at luna.commons.base.dao.AbstractDao.qbc(AbstractDao.java:90)
    	at luna.commons.base.dao.AbstractDao.qbc(AbstractDao.java:109)
    	at luna.commons.security.MyInvocationSecurityMetadataSource.loadResourceDefine(MyInvocationSecurityMetadataSource.java:53)
    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    	at java.lang.reflect.Method.invoke(Unknown Source)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1612)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1553)
    	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1483)
    	... 58 more
    the method
    Code:
    	@Autowired
    	private ResourceDao resourceDao;
    	@Transactional(readOnly=true,propagation=Propagation.REQUIRED)
    	public void loadResourceDefine(){
    		resourceMap  = new HashMap<String,Collection<ConfigAttribute>>();	
    		List<Resource> resourceList = resourceDao.qbc(FilterSet.newFilterSet().addFilter(new Filter("status",Resource.STATUS_ENABLE,Operator.EQUAL)).getFilters(), null);
    		if(resourceList != null){
    			for(Resource resource : resourceList){
    				Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
    				if(resource.getRoles() != null){
    					for(Role role : resource.getRoles()){
    						attrs.add(new SecurityConfig(role.getRoleCode()));
    					}
    				}
    				resourceMap.put(resource.getPattern(), attrs);
    			}
    		}
    	}
    web.xml
    Code:
    	<context-param>
    		<param-name>contextConfigLocation</param-name>
    		<param-value>classpath:app-resource.xml,classpath:app-service.xml,classpath:spring-security.xml</param-value>
    	</context-param>
    applicationContext.xml
    Code:
    	<tx:annotation-driven/>
    	<bean id="transactionManager"
    		class="org.springframework.jdbc.datasource.DataSourceTransactionManager"
    		p:dataSource-ref="dataSource" />
    spring-security.xml
    Code:
    <http pattern="/login*" security="none"></http>
    	<http pattern="/static/**" security="none" ></http>
    	<http pattern="/menu**" security="none"></http>
    	<http use-expressions="true" entry-point-ref="authenticationProcessingFilterEntryPoint">  
    		<custom-filter position="FORM_LOGIN_FILTER" ref="validateCodeAuthenticationFilter" />
    		<remember-me />
    <!-- 		<logout logout-url="/logout" logout-success-url="/user/login"/> -->
    		<access-denied-handler ref="accessDeniedHandler"/>
    		<session-management invalid-session-url="/timeout">
    			<concurrency-control max-sessions="10" error-if-maximum-exceeded="true" />
    		</session-management>
    		<custom-filter ref="securityFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
    	</http>
    	<beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">  
    		<beans:property name="loginFormUrl" value="/login"></beans:property>  
    	</beans:bean> 
        <beans:bean id="securityFilter" class="luna.commons.security.MyFilterSecurityInterceptor">
    		<beans:property name="authenticationManager" ref="myAuthenticationManager" />
        	<beans:property name="accessDecisionManager" ref="myAccessDecisionManager" />
        	<beans:property name="securityMetadataSource" ref="mySecurityMetadataSource" />
        </beans:bean>
    	<beans:bean id="validateCodeAuthenticationFilter"  class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">  
    		<beans:property name="usernameParameter" value="username"></beans:property>
    		<beans:property name="passwordParameter" value="password"></beans:property>
    		<beans:property name="authenticationManager" ref="myAuthenticationManager"></beans:property>  
    	</beans:bean>
    	<authentication-manager alias="myAuthenticationManager">
    		<authentication-provider user-service-ref="userDetailServiceImpl" />
    	</authentication-manager>
    	
    	<beans:bean id="myAccessDecisionManager" class="luna.commons.security.MyAccessDecisionManager"></beans:bean>
    	<beans:bean id="mySecurityMetadataSource" class="luna.commons.security.MyInvocationSecurityMetadataSource" init-method="loadResourceDefine"></beans:bean>
    	<beans:bean id="userDetailServiceImpl" class="luna.commons.security.UserDetailsServiceImpl"></beans:bean>
    	<beans:bean id="accessDeniedHandler"  class="luna.commons.security.MyAccessDeniedHandler"></beans:bean>
    how can I resolve this issue ?
    Thank you!

  • #2
    Hi

    First look at https://jira.springsource.org/browse/SPR-9020.

    The problem here is that the init-method="loadResourceDefine" seem to be called without transactional proxy so there's no Hibernate objects (SessionHolder) in scope.

    Transactional proxies are created by org.springframework.aop.framework.autoproxy.Infras tructureAdvisorAutoProxyCreator which wraps the target bean in Transactional Proxy only in org.springframework.aop.framework.autoproxy.Abstra ctAutoProxyCreator.postProcessAfterInitialization( Object, String), not in org.springframework.aop.framework.autoproxy.Abstra ctAutoProxyCreator.postProcessBeforeInitialization (Object, String). So your init-method (or @PostConstruct or afterPropertiesSet()) are called on target object, not on transactional proxy.

    You may inject a SessionFactory and HibernateTransactionManager to your MyInvocationSecurityMetadataSource and directly use TransactionTemplate in your init-method.

    regards
    Grzegorz Grzybek

    Comment

    Working...
    X