1

我需要在 Spring Security 中实现会话管理,但是在 tomcat 上部署应用程序时出现错误。应用程序正在尝试从属性文件中获取 invalid-session-url 和 expired-url 属性值,但在耗尽时出现错误。

<security:http entry-point-ref="casAuthenticationEntryPoint" auto-config="true">
    <security:intercept-url pattern="/*" access="ROLE_USER"/>
    <security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter"/>
    <security:logout invalidate-session="true" logout-url="/logout" logout-success-url="#{CAS_server}/logout?service=#{CAS_application}/" delete-cookies="JSESSIONID"/>
    <security:session-management invalid-session-url="#{CAS_server}/logout?service=#{CAS_application}" session-fixation-protection="newSession" >
        <security:concurrency-control max-sessions="1"  expired-url="#{CAS_server}/logout?service=#{CAS_application}" error-if-maximum-exceeded="true" />
    </security:session-management>
</security:http>

我只在会话管理标签上收到此错误。任何人都有任何想法。

4

1 回答 1

0

快速配置了一个 Spring 安全应用程序,我的配置包含以下内容,它工作正常(注意会话管理标签中的属性注入)

测试属性

mytestservice=MyApp
loginurl=/my-login.html
invalidsessionurl=/my-login.html

春季安全配置

<bean id="webPropertyConfigurer"
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="ignoreResourceNotFound" value="true" />
        <property name="ignoreUnresolvablePlaceholders" value="true" />
        <property name="locations">
            <list>
                <value>classpath:test.properties</value>
            </list>
        </property>
    </bean>



    <security:http>
        <security:intercept-url pattern="/my-login.jsp" access="permitAll" />
        <security:intercept-url pattern="/**" access="hasRole('USER')" />
        <security:form-login login-page="${loginurl}"
                             authentication-failure-url="${loginurl}?error" />
        <security:http-basic />
        <security:session-management invalid-session-url="${invalidsessionurl}/logout?service=${mytestservice}" session-fixation-protection="newSession" />
        <security:logout />
    </security:http>
于 2017-09-26T12:45:47.227 回答