问题
I build a Spring MVC application with thymeleaf views and ran into the following problem. I have a page which should process a form and create a new Entity to persist in the database. In my controller class I have two methods for this. First, the @GetMapping to render the page:
@GetMapping("/dispo/orderCreate")
private String showCreateOrder(Model model) {
List<MdUser> userList = service.getUsers();
model.addAttribute("userList", userList);
return "/dispo/orderCreate";
}
As far as I just wanted to show the page without adding some action to the form, everything works fine. The model attribute "userList" is correctly populated with users from the database.
Now I changed the view to add an action and an object to the form. The code of the view now looks like this:
<form action="#" class="form" id="newOrderForm" th:action="@{/dispo/addOrder}" th:object="${loadOrder}" method="post">
<table class="cont-table" cellpadding="2" cellspacing="2" width="100%">
<tbody>
<tr align="left">
<th align="left" valign="top" width="110">Protokollführer:</th>
<td>
<table border="0" cellpadding="0" cellspacing="1" width="100%">
<tbody>
<tr>
<td height="30">
<select class="selectOneMenue" id="newOrderPersoDropDown" th:field="*{supervisor}">
<option>Bitte auswählen</option>
<option th:each="user : ${userList}"
th:value="user.userId"
th:text="${user.firstName}+' '+${user.lastName}"></option>
</select>
</td>
. . .
</tr>
</tbody>
</table>
<br />
<input style="width:200px" type="submit" value="Speichern" class="commandExButton" id="newOrderSubmit" />
<input style="width:120px" type="reset" value="Zurücksetzen" class="commandExButton" id="newOrderReset" />
</form>
The corresponding @PostMapping looks like this:
@PostMapping("/dispo/addOrder")
public String submit(@ModelAttribute("loadOrder") LoadOrderModel loadOrder, BindingResult result, Model model) {
if (result.hasErrors()) {
return "error";
}
service.createAndSaveLoadOrder(loadOrder);
return "/dispo/success";
}
Now the rendering of the view crashes when the form is reached with the following stacktrace:
Caused by: org.thymeleaf.exceptions.TemplateProcessingException: Error during execution of processor 'org.thymeleaf.spring5.processor.SpringActionTagProcessor' (template: "/dispo/orderCreate" - line 41, col 58)
at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:117) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.engine.TemplateHandlerAdapterMarkupHandler.handleOpenElementEnd(TemplateHandlerAdapterMarkupHandler.java:304) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler$InlineMarkupAdapterPreProcessorHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:278) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.standard.inline.OutputExpressionInlinePreProcessorHandler.handleOpenElementEnd(OutputExpressionInlinePreProcessorHandler.java:186) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:124) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.attoparser.HtmlElement.handleOpenElementEnd(HtmlElement.java:109) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.attoparser.HtmlMarkupHandler.handleOpenElementEnd(HtmlMarkupHandler.java:297) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.attoparser.MarkupEventProcessorHandler.handleOpenElementEnd(MarkupEventProcessorHandler.java:402) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.attoparser.ParsingElementMarkupUtil.parseOpenElement(ParsingElementMarkupUtil.java:159) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.attoparser.MarkupParser.parseBuffer(MarkupParser.java:710) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
at org.attoparser.MarkupParser.parseDocument(MarkupParser.java:301) ~[attoparser-2.0.4.RELEASE.jar:2.0.4.RELEASE]
... 87 common frames omitted
Caused by: java.lang.IllegalStateException: Cannot create a session after the response has been committed
at org.apache.catalina.connector.Request.doGetSession(Request.java:3030) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at org.apache.catalina.connector.Request.getSession(Request.java:2468) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:896) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:908) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:240) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
at org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository.saveToken(HttpSessionCsrfTokenRepository.java:63) ~[spring-security-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.springframework.security.web.csrf.LazyCsrfTokenRepository$SaveOnAccessCsrfToken.saveTokenIfNecessary(LazyCsrfTokenRepository.java:175) ~[spring-security-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.springframework.security.web.csrf.LazyCsrfTokenRepository$SaveOnAccessCsrfToken.getToken(LazyCsrfTokenRepository.java:127) ~[spring-security-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor.getExtraHiddenFields(CsrfRequestDataValueProcessor.java:71) ~[spring-security-web-5.0.8.RELEASE.jar:5.0.8.RELEASE]
at org.thymeleaf.spring5.context.webmvc.SpringWebMvcThymeleafRequestDataValueProcessor.getExtraHiddenFields(SpringWebMvcThymeleafRequestDataValueProcessor.java:80) ~[thymeleaf-spring5-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.spring5.requestdata.RequestDataValueProcessorUtils.getExtraHiddenFields(RequestDataValueProcessorUtils.java:79) ~[thymeleaf-spring5-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.spring5.processor.SpringActionTagProcessor.doProcess(SpringActionTagProcessor.java:118) ~[thymeleaf-spring5-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.standard.processor.AbstractStandardExpressionAttributeTagProcessor.doProcess(AbstractStandardExpressionAttributeTagProcessor.java:142) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74) ~[thymeleaf-3.0.9.RELEASE.jar:3.0.9.RELEASE]
... 100 common frames omitted
Line 41 as indicated by the TemplateProcessingException is the line with the form tag. I have nearly no experience with frontend development so please have patience with me. I think I have to do some http session managing here but don't know what to do and how to do it. Can anyone help me?
回答1:
I finally made it. The problem indeed lied in the http session, or to be more precise, in the HttpSecurity. So I added the following to my configure method in my SecurityConfig class:
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
I still have to find out what SessionCreationPolicy.ALWAYS means for the rest of my application but for now it works :D .
回答2:
I was also having the same issue; applied the suggestion by @Raistlin and its working fine now!!
I had a modal dialog with "form-post" in the lading page. It will fail if I try the modal first. And works fine if I try a GET page first, and come back to this page; definitely something to do with session.
- always – a session will always be created if one doesn't already exist
- ifRequired – a session will be created only if required (default)
- never – the framework will never create a session itself but it will use one if it already exists
- stateless – no session will be created or used by Spring Security
https://www.baeldung.com/spring-security-session
回答3:
You need to create new instance for the form object
@GetMapping("/dispo/orderCreate")
private String showCreateOrder(Model model) {
// ...
model.addAttribute("loadOrder", new LoadOrderModel();
return "/dispo/orderCreate";
}
回答4:
In order to use th:object in a form, we must be able to map a new entity to that form. You can send it though an attribute or you can set a method like the one below in your controller and it will do it automatically for you.
@ModelAttribute(value = "loadOrder")
public LoadOrderModel newLoadOrder() {return new LoadOrderModel();}
回答5:
I ran into the same Problem while upgrading from Spring Boot 1.x to 2.x (which also includes a newer Thymeleaf version). My problem was that Zhymeleaf tried to automatically create a hidden csrf input for each html form. The generated csrf tokens needed to be persisted in the http session.
Enabling sessions (like shown by @Raistlin) or disabling csrf protection (http.csrf().disable()) solved the issue for me.
You can also limit csrf token to certain pages using http.csrf().requireCsrfProtectionMatcher(..) or http.csrf().ignoringRequestMatchers(..)
来源:https://stackoverflow.com/questions/52982246/spring-thymeleaf-throws-cannot-create-a-session-after-the-response-has-been-com