堆栈内存溢出
  简体   繁体   English

避免Spring应用程序在浏览器关闭时注销

[英]Avoid Spring application log out on browser close

 原文  2016-11-07 17:31:03       java/ spring/ spring-mvc/ spring-security/ tomcat7

问题描述

I have a weird problem and not able to fix it. 我有一个奇怪的问题,无法解决。

The Problem : 问题 :

I login to my Spring web application which has long session timeout, whenever I quit the browser and then reopen it, access my web-app and I see login page every time. 我登录到具有较长会话超时的Spring Web应用程序时,每当我退出浏览器然后重新打开它,访问我的Web应用程序时,每次都会看到登录页面。

It works fine as long as browser is not closed. 只要浏览器没有关闭,它就可以正常工作。 I thought that there is some problem with the chrome settings, but it's not. 我以为Chrome设置有问题,但是不是。 Also it happens with all the browsers. 所有浏览器也会发生这种情况。

My web.xml : 我的web.xml 

    <session-config>
        <session-timeout>10000</session-timeout>
        <cookie-config>
            <name>myapp</name>
            <http-only>true</http-only>
        </cookie-config>
        <tracking-mode>COOKIE</tracking-mode>
    </session-config>

My Spring Security configuration: 我的Spring Security配置: 

    <security:http auto-config="true" use-expressions="true">
        <security:intercept-url pattern="/resources/**" access="permitAll" />
        <security:intercept-url pattern="/login" access="permitAll" />
        <security:intercept-url pattern="/login/forgot" access="permitAll" />
        <security:intercept-url pattern="/login/resetpassword" access="permitAll" />
        <security:intercept-url pattern="/home/admin/**" access="hasAnyRole('ROLE_admin', 'ROLE_manager')" />
        <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_admin', 'ROLE_manager','ROLE_user')" />
        <security:form-login 
            login-page="/login" 
            login-processing-url="/login" 
            authentication-failure-handler-ref="authenticationFailureFilter" 
            authentication-success-handler-ref="authenticationSuccessHandler"  
            username-parameter="email" 
            password-parameter="password" />
        <!-- enable csrf protection -->
        <security:csrf/>

    </security:http>

Is there any problem with my web.xml or Spring Security? 我的web.xml或Spring Security是否有问题?

1 个解决方案

解决方案1
 4 已采纳  2016-11-07 18:59:01

Please set the max age attribute of the cookie. 请设置Cookie的最大年龄属性。

By default, -1 is returned, which indicates that the cookie will persist until browser shutdown. 默认情况下,返回-1,这表示cookie将持续存在直到浏览器关闭。

Http Servlet Cookie Max Age Http Servlet Cookie的最大年龄

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我想在每个浏览器中关闭浏览器后注销我的应用程序? - I want to log out my application after browser close in every browser? 使用Spring Application配置日志 - configuring log with Spring Application GWT Java-如何关闭窗口(注销) - GWT Java - How to close the window (Log Out) 如何使用 spring 引导登录/注销? - How to log in/ log out using spring boot? 避免让Hessian登录catalina.out - Avoid Hessian to log into catalina.out Spring Boot + Spring Security-无法注销 - Spring Boot + Spring Security - unable to log out 注销在Spring Boot应用程序中不起作用(不支持POST方法) - Log out doesn't work in Spring Boot application (POST method not supported) 避免在Spring MVC中会话超时 - Avoid session time out in Spring MVC 在应用程序关闭之前,log4j RollingFileAppender不会写入日志 - log4j RollingFileAppender not writing to log until application close 如何从应用程序日志中避免Spark和Hive日志 - How to avoid Spark and Hive log from Application log
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM