Spring boot configure custom jsessionid for embedded server

后端 未结 4 1422
隐瞒了意图╮
隐瞒了意图╮ 2020-12-13 20:04

I want to configure my servlet context, such as setting a custom jsessionId key (see Changing cookie JSESSIONID name)

I believe I can use the SpringBootServlet

相关标签:
4条回答
  • 2020-12-13 20:12

    with spring session , if you want to change cookie name ,you can do this

    @Bean
    public DefaultCookieSerializer defaultCookieSerializer(){
        DefaultCookieSerializer defaultCookieSerializer = new DefaultCookieSerializer();
        defaultCookieSerializer.setCookieName("mySessionId");
        return defaultCookieSerializer;
    }
    

    i find this in spring session source

    spring-session-1.2.1.RELEASE-sources.jar!/org/springframework/session/config/annotation/web/http/SpringHttpSessionConfiguration.java

        @Autowired(required = false)
    public void setCookieSerializer(CookieSerializer cookieSerializer) {
        this.defaultHttpSessionStrategy.setCookieSerializer(cookieSerializer);
    }
    
    0 讨论(0)
  • 2020-12-13 20:14

    As of Spring Boot 1.3 you can simply set a configuration property;

    Spring Boot 1.3, 1.4, 1.5

    server.session.cookie.name = MYSESSIONID
    

    Spring Boot 2.x

    server.servlet.session.cookie.name = MYSESSIONID
    

    A lot simpler than writing a configuration class.

    See https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html for more session related properties.

    0 讨论(0)
  • 2020-12-13 20:14
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER).and()
        .csrf().disable();  
    }
    

    You can try this as it removes jsession id from URL

    0 讨论(0)
  • 2020-12-13 20:36

    Declare a ServletContextInitializer bean in your application's configuration:

    @Bean
    public ServletContextInitializer servletContextInitializer() {
        return new ServletContextInitializer() {
    
            @Override
            public void onStartup(ServletContext servletContext) throws ServletException {
                servletContext.getSessionCookieConfig().setName("yourCookieName");
            }
        };
    
    }
    

    Alternatively, your application class itself can implement ServletContextInitializer:

    @Configuration
    @EnableAutoConfiguration
    @ComponentScan
    public class Application implements ServletContextInitializer {
    
        public static void main(String[] args) throws Exception {
            SpringApplication.run(Application.class, args);
        }
    
        @Override
        public void onStartup(ServletContext servletContext) throws ServletException {
            servletContext.getSessionCookieConfig().setName("yourCookieName");
        }
    
    }
    
    0 讨论(0)
提交回复
热议问题