Fatal编程技术网
  • spring-security/
  • Spring security 春堂';我不接受注销后的第二次登录

Spring security 春堂';我不接受注销后的第二次登录

spring-security

Spring security 春堂';我不接受注销后的第二次登录,spring-security,Spring Security,我从Spring安全框架开始。我制定了框架。它工作正常,但我的问题是在注销功能。。。 当我断开连接时。当他在拒绝访问页面上超过我时,我再次连接。每当我被迫重新启动tomcat时,他都会接受我的连接 我的第二个问题是:我试着测试关于超时的东西,我呆了超过1分钟,当我回来的时候,我仍然在同一页上。我不知道如何激活此选项,我想我在security.xml上配置了此选项,但它不起作用 这是我的精神配置 <?xml version="1.0" encoding="UTF-8"?> <be

我从Spring安全框架开始。我制定了框架。它工作正常,但我的问题是在注销功能。。。 当我断开连接时。当他在拒绝访问页面上超过我时,我再次连接。每当我被迫重新启动tomcat时,他都会接受我的连接

我的第二个问题是:我试着测试关于超时的东西,我呆了超过1分钟,当我回来的时候,我仍然在同一页上。我不知道如何激活此选项,我想我在security.xml上配置了此选项,但它不起作用

这是我的精神配置

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">



    <sec:http auto-config="true" use-expressions="true">
        <sec:intercept-url pattern="/pagess/**" access="hasRole('ROLE_USER')"/>
        <sec:form-login login-page="/login.jsf"  authentication-failure-url="/loginFailed.jsf"  default-target-url="/pagess/Menu.jsf"/>
        <sec:logout  logout-success-url="/login.jsf" delete-cookies="JSESSIONID"  invalidate-session="true"/>

        <sec:session-management invalid-session-url="/login.jsf">
            <sec:concurrency-control max-sessions="1"
                error-if-maximum-exceeded="true" />
        </sec:session-management>       
    </sec:http>

    <sec:authentication-manager alias="authenticationManager">
        <sec:authentication-provider>
            <sec:jdbc-user-service data-source-ref="DataSource"/>
        </sec:authentication-provider>
    </sec:authentication-manager> 
</beans:beans>
这是WebXml

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.0"
 xmlns="http://java.sun.com/xml/ns/javaee"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
 <display-name>PFE</display-name>
 <context-param>
<param-name>primefaces.THEME</param-name>
<param-value>trontastic</param-value>
</context-param>
 <context-param>
  <description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
  <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
  <param-value>client</param-value>
 </context-param>
 <context-param>
  <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
  <param-value>resources.application</param-value>
 </context-param>
 <listener>
  <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
 </listener>
 <servlet>
  <servlet-name>Faces Servlet</servlet-name>
  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
 </servlet>
 <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>*.jsf</url-pattern>
 </servlet-mapping>
 <welcome-file-list>
  <welcome-file>/Test.jsp</welcome-file>
 </welcome-file-list>
 <session-config>
 <session-timeout>
 30
 </session-timeout>
 </session-config>

 <context-param>
  <param-name>contextConfigLocation</param-name>
      <param-value>
     /WEB-INF/application.xml
     /WEB-INF/spring_sec.xml
      </param-value>
   </context-param>
   <context-param>
        <param-name>javax.faces.PROJECT_STAGE</param-name>
        <param-value>Development</param-value>
    </context-param>
 <listener>
  <listener-class>
   org.springframework.web.context.ContextLoaderListener
  </listener-class>
   </listener>

   <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    </filter-mapping>

   <listener>
  <listener-class>
   org.springframework.web.context.request.RequestContextListener
  </listener-class>
   </listener>
</web-app>


PFE
主题
天然气
状态保存方法:“客户端”或“服务器”(=默认值)。参见JSF规范2.5.2
javax.faces.STATE_保存方法
客户
javax.servlet.jsp.jstl.fmt.localizationContext
资源.应用
com.sun.faces.config.ConfigureListener
Facesservlet
javax.faces.webapp.FacesServlet
1.
Facesservlet
*.jsf
/Test.jsp
30
上下文配置位置
/WEB-INF/application.xml
/WEB-INF/spring_sec.xml
javax.faces.PROJECT_阶段
发展
org.springframework.web.context.ContextLoaderListener
springSecurityFilterChain
org.springframework.web.filter.DelegatingFilterProxy
springSecurityFilterChain
/*
向前地
要求
org.springframework.web.context.request.RequestContextListener
我修复了我的问题..有一个Listner出错

<listener> 
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class> 
</listener


org.springframework.security.web.session.HttpSessionEventPublisher

<listener> 
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class> 
</listener