java 帮助捕捉春季会话超时
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5642304/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Help catching session timeout in spring
提问by blong824
I have a simple Spring 3 MVC application. I am using a sessionAttribute and everything works fine except when I let the page sit for 30 minutes or longer. I then get a
我有一个简单的 Spring 3 MVC 应用程序。我正在使用 sessionAttribute 并且一切正常,除非我让页面停留 30 分钟或更长时间。然后我得到一个
org.springframework.web.HttpSessionRequiredException
org.springframework.web.HttpSessionRequiredException
telling me my object is not found in session.
告诉我在会话中找不到我的对象。
I am thinking I need to somehow redirect back to the same page when a session timeout occurs. I am not sure how to do this correctly with spring.
我想当会话超时发生时我需要以某种方式重定向回同一页面。我不确定如何用 spring 正确地做到这一点。
There is no login required and I am already checking if the object is null.
不需要登录,我已经在检查对象是否为空。
Any suggestions would be appreciated.
任何建议,将不胜感激。
Thanks
谢谢
回答by lukastymo
You can add error-page binding to HttpSessionRequiredException which will redirect to first page in your application
您可以将错误页面绑定添加到 HttpSessionRequiredException 这将重定向到您的应用程序的第一页
example:
例子:
web.xml
网页.xml
<web-app>
<error-page>
<exception-type>org.springframework.web.HttpSessionRequiredException</exception-type>
<location>/index.jsp</location>
</error-page>
</web-app>
回答by Vladimir Dyuzhev
There is no way you can just redirect "back to the same page". You session is gone, that is the cookie you have on the client is no longer correspond to any session in the servlet container, because session object was deleted from memory. Totally, irreversibly.
您无法仅重定向“返回同一页面”。您的会话消失了,即您在客户端上的 cookie 不再对应于 servlet 容器中的任何会话,因为会话对象已从内存中删除。完全,不可逆转。
You may increase session timeout. This is application configuration, not Spring:
您可以增加会话超时。这是应用程序配置,而不是 Spring:
web.xml:
网页.xml:
<session-config>
<session-timeout>120</session-timeout>
</session-config>
will give you two hours of idle session.
会给你两个小时的空闲会话。
Note that sessions are not free. They consume resources (memory and disk, when serialized). If the same user can re-login multiple time, they'll have multiple idle sessions, and potentially could cause you DoS.
请注意,会话不是免费的。它们消耗资源(内存和磁盘,序列化时)。如果同一个用户可以多次重新登录,他们将有多个空闲会话,并且可能会导致 DoS。
P.S. If you OK with gone session, and just want to establish another one right away, you can always do it in a filter, Spring or not. Spring may have their own listeners. You'd have to place something into that brand new session to make your request work.
PS 如果您对消失的会话没问题,并且只想立即建立另一个会话,您始终可以在过滤器中进行,无论是否使用 Spring。Spring 可能有自己的侦听器。您必须在那个全新的会话中放置一些东西才能使您的请求有效。
