[英]Spring Security Authentication Every X Minutes (Without Killing Session)
I am interested in asking users to re-authenticate after 15 mins of inactivity without killing their session (session life is longer). 我有兴趣要求用户在15分钟不活动后重新进行身份验证,而又不终止会话(会话寿命更长)。
Is there a way to specify an authentication timeout within Spring Security that would accomplish this automatically or some cleaver way I can accomplish this without too much effort? 有没有一种方法可以在Spring Security中指定可以自动完成此操作的身份验证超时,或者我可以不用过多的努力就可以使用的某种方式来完成?
Adding a request filter seems to be the best way to achieve this goal. 添加请求过滤器似乎是实现此目标的最佳方法。 In order to prevent the loss of data, I chose to have a blocking popup that displays if the session has been inactive. 为了防止数据丢失,我选择了一个阻止弹出窗口,该弹出窗口显示会话是否处于非活动状态。 This way I can refresh the page and the user is right where they left off instead of needing to store the initial request and having to find it and redirect them. 这样,我可以刷新页面,并且用户可以在他们离开的地方进行浏览,而无需存储初始请求并不必查找并重定向它们。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.