Java 在请求头中修改JSESSIONID cookie
我正在将Spring安全性与Spring引导一起使用,我想修改JSESSIONID cookie名称和值。我在网上搜索,但找不到任何合适的解决方案。我正在使用Wildfly服务器。我是spring框架的新手 RequestFilter.javaJava 在请求头中修改JSESSIONID cookie,java,spring,spring-boot,spring-security,wildfly,Java,Spring,Spring Boot,Spring Security,Wildfly,我正在将Spring安全性与Spring引导一起使用,我想修改JSESSIONID cookie名称和值。我在网上搜索,但找不到任何合适的解决方案。我正在使用Wildfly服务器。我是spring框架的新手 RequestFilter.java @Component @Order(Ordered.HIGHEST_PRECEDENCE) public class RequestFilter implements Filter { public void doFilter(ServletR
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class RequestFilter implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
// Cookie[] cookies = request.getCookies();
// for (Cookie cookie : cookies) {
// cookie.setMaxAge(0);
// cookie.setValue(null);
// cookie.setPath("/");
// response.addCookie(cookie);
// }
response.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Set-Cookie", null);
response.setHeader("X-Powered-By", null);
response.setHeader("Server", null);
if (!(request.getMethod().equalsIgnoreCase("OPTIONS"))) {
try {
chain.doFilter(req, res);
} catch (Exception e) {
e.printStackTrace();
}
} else {
System.out.println("Pre-flight");
response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "authorization, content-type," +
"access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");
response.setStatus(HttpServletResponse.SC_OK);
}
}
public void init(FilterConfig filterConfig) {
}
public void destroy() {
}
}
请建议我在spring security中重命名JSESSIONID cookie的最佳方法。您可以在application.properties文件中设置cookie名称:
server.session.cookie.name = MYSESSIONID
参考资料:我使用的是JBoss应用服务器,通过上面的方法,我可以更改会话cookie的名称,但对JBoss不起作用。我观察到重写SpringBootOnStartup方法在JBoss上会出现403错误,但它在tomcat上运行良好。