1. 設定session的過期時間
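# application.yml. The nesting is significant: the property below is
# server.servlet.session.timeout, so each key must be indented under its parent.
server:
  servlet:
    session:
      # No unit suffix is given, so Spring Boot reads the value as seconds (60 s).
      # Embedded Tomcat applies session timeouts in whole minutes with a minimum
      # of one, so values below 60 do not shorten the timeout any further.
      # A suffix such as 30m makes the unit explicit.
      timeout: 60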
2. 設定基於 session 的單點登入(同一帳號同時只保留一個有效 session)、session 失效後跳轉的網址,以及 session 被擠下線後的處理方式:
// Session handling rules for the HttpSecurity being configured.
// NOTE(review): "/invalid" and the "/login" page used by the expiry strategy
// must be reachable without authentication, otherwise the redirect loops.
// The authorization rules are not shown here; verify them.
// NOTE(review): concurrent-session control only counts sessions correctly when
// the SessionRegistry is told about destroyed sessions (HttpSessionEventPublisher)
// and the principal implements equals/hashCode. Confirm both in this project.
http.sessionManagement()
        // A request carrying an invalid session id is redirected to this URL.
        .invalidSessionUrl("/invalid")
        // At most one live session per authenticated principal.
        .maximumSessions(1)
        // false: a new login is accepted and the older session is marked expired;
        // true would reject the new login instead.
        .maxSessionsPreventsLogin(false)
        // Called on the next request that arrives on a session expired this way.
        .expiredSessionStrategy(new CustomExpiredSessionStrategy());
CustomExpiredSessionStrategy
package com.hanhuide.core.handler;
import com.alibaba.fastjson.JSON;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hanhuide.core.model.CustomResponseBody;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.session.SessionInformationExpiredEvent;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;
import javax.servlet.ServletException;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
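/**
 * Reacts to a request made on a session that Spring Security has marked as
 * expired, which with {@code maximumSessions(1)} is presumably the session
 * displaced by a newer login of the same account.
 *
 * <p>The response is a redirect to the fixed login path. The target is a
 * constant and is never built from request data, so the redirect cannot be
 * steered to another host.
 *
 * <p>For JSON/AJAX clients a redirect is usually not what the caller can
 * handle; a variant that writes a JSON body with an error status is the
 * alternative. If that variant is used, set the content type together with the
 * body, and return only what the client needs rather than session details.
 */
public class CustomExpiredSessionStrategy implements SessionInformationExpiredStrategy {

    /** Where an expired session is sent; must be reachable without authentication. */
    private static final String LOGIN_URL = "/login";

    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    /**
     * Redirects the caller of an expired session to the login page.
     *
     * @param event carries the request and response of the call that hit the
     *              expired session
     * @throws IOException      if the redirect cannot be written to the response
     * @throws ServletException declared by the interface; not thrown by this body
     */
    @Override
    public void onExpiredSessionDetected(SessionInformationExpiredEvent event)
            throws IOException, ServletException {
        // No Content-Type is declared: a redirect has no body, and announcing
        // application/json on it would contradict what is actually sent.
        redirectStrategy.sendRedirect(event.getRequest(), event.getResponse(), LOGIN_URL);
    }
}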
3.
package com.hanhuide.core.controller;
import com.hanhuide.core.mapper.CeshiMapper;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import com.hanhuide.core.model.SysUser;
import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import java.util.List;
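/**
 * Test controller: two read-only endpoints backed by {@code CeshiMapper}, plus
 * the landing endpoint for invalid sessions.
 *
 * <p>NOTE(review): both data endpoints return {@code SysUser} objects as they
 * come from the mapper. {@code SysUser} is not shown here; if it carries
 * credential fields (password hash, salt, tokens), map it to a response type
 * that omits them or exclude those fields from serialization.
 *
 * @program: maven
 * @description:
 * @author: 韓惠德
 * @create: 2019-12-24 16:41
 * @version: 1.0
 **/
@RestController
@Slf4j
public class Contrller11 {

    @Resource
    private CeshiMapper ceshiMapper;

    /**
     * Returns every row produced by {@code CeshiMapper.findAll()}.
     *
     * @return the users returned by the mapper
     */
    @ApiOperation(value = "測試資料源", notes = "測試資料源")
    // Leading slash added to match the other mappings; the resulting path is still /system.
    @GetMapping("/system")
    public List<SysUser> ceshi() {
        return ceshiMapper.findAll();
    }

    /**
     * Returns every row produced by {@code CeshiMapper.findAll2()}.
     *
     * @return the users returned by the mapper
     */
    @ApiOperation(value = "測試資料源2", notes = "測試資料源2")
    @GetMapping("/system/menu")
    public List<SysUser> ceshi2() {
        return ceshiMapper.findAll2();
    }

    /**
     * Target of {@code invalidSessionUrl("/invalid")}: answers with HTTP 401 and
     * a fixed message. It is mapped for every HTTP method, so a redirect from
     * any kind of request lands here.
     *
     * <p>NOTE(review): this path has to be permitted for unauthenticated
     * callers, since it is reached precisely when no valid session exists.
     *
     * @return the fixed "session expired" message
     */
    @RequestMapping("/invalid")
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public String invalid() {
        return "Session 已過期,請重新登入";
    }
}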
重新整理火狐瀏覽器後,會直接跳轉到登入頁面。