java 将跟踪模式设置为 cookie 以删除附加的会话 ID,而不使用 web.xml
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16262285/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Set tracking mode to cookie to remove appended session id, without using web.xml
提问by NimChimpsky
I am setting up a completely java based spring app with no xml config :
我正在设置一个完全基于 java 的 spring 应用程序,没有 xml 配置:
public class WebApp extends AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return null;
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class<?>[]{WebMvcConfigurer.class};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
and
和
@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { mypackages })
public class WebMvcConfigurer extends WebMvcConfigurerAdapter {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/static-assets/");
}
@Bean
public ViewResolver viewResolver() {
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
viewResolver.setViewClass(JstlView.class);
viewResolver.setPrefix("/WEB-INF/views/");
viewResolver.setSuffix(".jsp");
return viewResolver;
}
where do I put this, which used to be in my web.xml ?
我把它放在哪里,它曾经在我的 web.xml 中?
<session-config>
<!-- Disables URL-based sessions (no more 'jsessionid' in the URL using Tomcat) -->
<tracking-mode>COOKIE</tracking-mode>
</session-config>
回答by Bassem Reda Zohdy
you can do it as in below
你可以像下面那样做
public class WebConfig implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext servletContext)
throws ServletException {
HashSet<SessionTrackingMode> set = new HashSet<SessionTrackingMode>();
set.add(SessionTrackingMode.COOKIE);
servletContext.setSessionTrackingModes(set);
}
}
回答by Michael Koch
In a Spring Boot app, you can configure the mode using the application propertyserver.session.tracking-modes.
在 Spring Boot 应用程序中,您可以使用应用程序属性配置模式server.session.tracking-modes。
In your application.propertiesadd:
在您application.properties添加:
server.session.tracking-modes=cookie
Or if you use application.yml:
或者,如果您使用application.yml:
server:
session:
tracking-modes: 'cookie'
The Spring Boot autoconfiguration internally uses the same call to servletContext.setSessionTrackingModeswhich Bassem recommended in his answer.
Spring Boot 自动配置在内部使用servletContext.setSessionTrackingModesBassem 在他的回答中推荐的相同调用。
回答by Boris the Spider
Since 3.2.0.RC1this is available in the AbstractSecurityWebApplicationInitializerlike so:
从 3.2.0.RC1 开始,它可以AbstractSecurityWebApplicationInitializer这样使用:
public class WebSecutityInit extends AbstractSecurityWebApplicationInitializer {
@Override
protected Set<SessionTrackingMode> getSessionTrackingModes() {
return EnumSet.of(SessionTrackingMode.SSL);
}
}
回答by cyberdemon
Another solution, that works for me, has been the code below inside the SecurityConfig class.
另一个对我有用的解决方案是 SecurityConfig 类中的以下代码。
@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) //No sessionId eppended
...
}
