Java Springboot 应用会话超时
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29128277/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Springboot app session timeout
提问by victor
I have created a SpringBoot MVC/Security app 1.2.2.RELEASE and my application.properties contains server settings like
我创建了一个 SpringBoot MVC/Security 应用程序 1.2.2.RELEASE 并且我的 application.properties 包含服务器设置,如
#Tomcat port and contextPath details
server.port=8080
server.contextPath=/test
#server.session-timeout=120
server.sessionTimeout=120
The documentationstates
该文件指出
server.session-timeout= # session timeout in seconds
but the ServerProperties.javauses sessionTimeout;
但是ServerProperties.java使用 sessionTimeout;
If you look at the application.properties code I have posed, I have tried both independently and together, but I don't get timed out after 2 minutes, I don't have any other code explicitly written to perform any session handeling.
如果你看看我提出的 application.properties 代码,我已经独立和一起尝试过,但我没有在 2 分钟后超时,我没有明确编写任何其他代码来执行任何会话处理。
Has anyone come across this issue? What am I missing or doing wrong?
有没有人遇到过这个问题?我错过了什么或做错了什么?
回答by Manish Kothari
I don't know for some reason only setting
我不知道出于某种原因只设置
server.session.timeout=120
didn't work for me however, when I set both session timeout and cookie max age like below:
但是,当我设置会话超时和 cookie 最大年龄时,它对我不起作用,如下所示:
server.session.cookie.max-age=120
server.session.timeout=120
it works perfectly
它完美地工作
回答by Phoebe Li
I'm not sure what this server.session.timeout is for because when I set it to a specific number, and monitor the session creation, the session expiry does not get changed.
我不确定这个 server.session.timeout 是干什么用的,因为当我将它设置为一个特定的数字并监视会话创建时,会话到期时间不会改变。
I'm using spring session and redis integration, in my case, I need to set the maxInactiveIntervalInSeconds to be like 120(seconds), this can be done thru redisHttpSessionConfiguration.
我正在使用 spring 会话和 redis 集成,就我而言,我需要将 maxInactiveIntervalInSeconds 设置为 120(秒),这可以通过 redisHttpSessionConfiguration 完成。
And then if I go to redis to look for the session, I can see it's expiry is changed to 120 seconds and session timeout works.
然后如果我去 redis 查找会话,我可以看到它的到期时间更改为 120 秒并且会话超时有效。
One suggestion of mine would be that try to find out if you can configure the session's maxInactiveIntervalInSeconds(or similar) either programmatically or in the property file and monitor session changes.
我的一个建议是尝试找出您是否可以以编程方式或在属性文件中配置会话的 maxInactiveIntervalInSeconds(或类似)并监视会话更改。
回答by Chandra Shekhar Goka
You can try with adding this both statements.
您可以尝试添加这两个语句。
server.session.cookie.max-age=120
server.session.timeout=120
You can find complete example on my blog here: http://www.onlinetutorialspoint.com/spring-boot/how-to-set-spring-boot-tomcat-session-timeout.html
你可以在我的博客上找到完整的例子:http: //www.onlinetutorialspoint.com/spring-boot/how-to-set-spring-boot-tomcat-session-timeout.html
回答by EwyynTomato
(This applies to Spring 1.5.x at the time of this writing)
(这适用于撰写本文时的 Spring 1.5.x)
Note that if you're using Redis session @EnableRedisHttpSession(such as in the other comment @Phoebe Li's case), then the application property server.session won't be applied. You'll have to set it manually by code like this:
请注意,如果您使用的是Redis 会话 @EnableRedisHttpSession(例如在其他评论@Phoebe Li 的案例中),则不会应用应用程序属性 server.session。您必须通过如下代码手动设置它:
@EnableRedisHttpSession
public class HttpSessionConfig {
@Bean
public RedisOperationsSessionRepository sessionRepository(RedisConnectionFactory factory) {
RedisOperationsSessionRepository sessionRepository = new RedisOperationsSessionRepository(factory);
//Set the TTL of redis' key, which in turn will expire session when TTL is reached
sessionRepository.setDefaultMaxInactiveInterval(15); //e.g. 15 seconds
return sessionRepository;
}I
}
回答by naXa
In application.yml of my Spring Boot 2 app
在我的 Spring Boot 2 应用程序的 application.yml 中
# A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits
server:
servlet:
session:
cookie:
max-age: -1
timeout: -1
With these settings JSESSIONIDcookie expiration time is set to "When the browsing session ends".
通过这些设置,JSESSIONIDcookie 过期时间设置为“浏览会话结束时”。
