发表新帖
发表新帖

Spring boot configure custom jsessionid for embedded server

后端 未结
关注
4 1406
隐瞒了意图╮
隐瞒了意图╮ 2020-12-13 20:04

I want to configure my servlet context, such as setting a custom jsessionId key (see Changing cookie JSESSIONID name)

I believe I can use the SpringBootServlet

相关标签:
4条回答
  • 面向向阳花
    2020-12-13 20:12

    with spring session , if you want to change cookie name ,you can do this

    @Bean
public DefaultCookieSerializer defaultCookieSerializer(){
    DefaultCookieSerializer defaultCookieSerializer = new DefaultCookieSerializer();
    defaultCookieSerializer.setCookieName("mySessionId");
    return defaultCookieSerializer;
}

    i find this in spring session source

    spring-session-1.2.1.RELEASE-sources.jar!/org/springframework/session/config/annotation/web/http/SpringHttpSessionConfiguration.java

        @Autowired(required = false)
public void setCookieSerializer(CookieSerializer cookieSerializer) {
    this.defaultHttpSessionStrategy.setCookieSerializer(cookieSerializer);
}
    0 讨论(0)
  • 名媛妹妹
    2020-12-13 20:14

    As of Spring Boot 1.3 you can simply set a configuration property;

    Spring Boot 1.3, 1.4, 1.5

    server.session.cookie.name = MYSESSIONID

    Spring Boot 2.x

    server.servlet.session.cookie.name = MYSESSIONID

    A lot simpler than writing a configuration class.

    See https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html for more session related properties.

    0 讨论(0)
  • 长情又很酷
    2020-12-13 20:14 
    @Override
protected void configure(HttpSecurity http) throws Exception {
    http
    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
    .csrf().disable();  
}

    You can try this as it removes jsession id from URL

    0 讨论(0)
  • 生来不讨喜
    2020-12-13 20:36

    Declare a ServletContextInitializer bean in your application's configuration:

    @Bean
public ServletContextInitializer servletContextInitializer() {
    return new ServletContextInitializer() {

        @Override
        public void onStartup(ServletContext servletContext) throws ServletException {
            servletContext.getSessionCookieConfig().setName("yourCookieName");
        }
    };

}

    Alternatively, your application class itself can implement ServletContextInitializer:

    @Configuration
@EnableAutoConfiguration
@ComponentScan
public class Application implements ServletContextInitializer {

    public static void main(String[] args) throws Exception {
        SpringApplication.run(Application.class, args);
    }

    @Override
    public void onStartup(ServletContext servletContext) throws ServletException {
        servletContext.getSessionCookieConfig().setName("yourCookieName");
    }

}
    0 讨论(0)
 看不清?
提交回复
热议问题