Set tracking mode to cookie to remove appended ses

2020-02-24 04:36发布

站内问答 / Java
1505 4 6

I am setting up a completely java based spring app with no xml config :

public class WebApp extends AbstractAnnotationConfigDispatcherServletInitializer {
    @Override
    protected Class<?>[] getRootConfigClasses() {
        return null;
    }
    @Override
    protected Class<?>[] getServletConfigClasses() {
        return new Class<?>[]{WebMvcConfigurer.class};
    }
    @Override
    protected String[] getServletMappings() {
        return new String[]{"/"};
    }

and 

@Configuration
@EnableWebMvc
@ComponentScan(basePackages = { mypackages })
public class WebMvcConfigurer extends WebMvcConfigurerAdapter {

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/resources/**").addResourceLocations("/static-assets/");
    }

    @Bean
    public ViewResolver viewResolver() {

        InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
        viewResolver.setViewClass(JstlView.class);
        viewResolver.setPrefix("/WEB-INF/views/");
        viewResolver.setSuffix(".jsp");
        return viewResolver;
    }

where do I put this, which used to be in my web.xml ?

 <session-config>
        <!-- Disables URL-based sessions (no more 'jsessionid' in the URL using Tomcat) -->
        <tracking-mode>COOKIE</tracking-mode>
    </session-config>

4条回答
我欲成王,谁敢阻挡
2楼-- · 2020-02-24 05:03

Since 3.2.0.RC1 this is available in the AbstractSecurityWebApplicationInitializer like so:

public class WebSecutityInit extends AbstractSecurityWebApplicationInitializer {

    @Override
    protected Set<SessionTrackingMode> getSessionTrackingModes() {
        return EnumSet.of(SessionTrackingMode.SSL);
    }
}
查看更多
0人赞 添加讨论(0) 举报
来,给爷笑一个
3楼-- · 2020-02-24 05:08

In a Spring Boot app, you can configure the mode using the application property server.session.tracking-modes.

In your application.properties add:

server.session.tracking-modes=cookie

Or if you use application.yml:

server:
  session:
    tracking-modes: 'cookie'

The Spring Boot autoconfiguration internally uses the same call to servletContext.setSessionTrackingModes which Bassem recommended in his answer.

查看更多
0人赞 添加讨论(0) 举报
看我几分像从前
4楼-- · 2020-02-24 05:09

you can do it as in below

public class WebConfig implements WebApplicationInitializer {

    @Override
    public void onStartup(ServletContext servletContext)
            throws ServletException {
        HashSet<SessionTrackingMode> set = new HashSet<SessionTrackingMode>();
        set.add(SessionTrackingMode.COOKIE);
        servletContext.setSessionTrackingModes(set);

    }

}
查看更多
0人赞 添加讨论(0) 举报
小情绪 Triste *
5楼-- · 2020-02-24 05:27

Another solution, that works for me, has been the code below inside the SecurityConfig class. 

@Override
protected void configure(HttpSecurity http) throws Exception {    
 http.httpBasic()
  .and()
  .sessionManagement()
  .sessionCreationPolicy(SessionCreationPolicy.STATELESS) //No sessionId eppended  
  ...
}
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)