开发者

Spring not restoring tomcat persistent sessions to session registry after restart?

开发者 https://www.devze.com 2022-12-08 16:47 出处:网络
I\'m using Tomcat 6.2 and Spring MVC 2.5. I\'ve noticed that, whilst a user is logged in I can restart Tomcat and the user is able to continue browsing without re-authenticating. This appears to be co

I'm using Tomcat 6.2 and Spring MVC 2.5. I've noticed that, whilst a user is logged in I can restart Tomcat and the user is able to continue browsing without re-authenticating. This appears to be coming from Tomcat's ability to persist sessions across restarts.

It appears, however, that these p开发者_StackOverflow社区ersisted sessions do not make it back into the Spring session registry. When retrieving a user's session information from the session registry before the restart I get back information. Post a restart though the sesssion registry has no information on the user.

Have I missed some configuration that would allow Spring to restore these persisted Tomcat sessions after a restart? Failing that, is there a way to kick a user out of the web application without calling sessionInformation.expireNow()?


Try this configuration:

<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    ...
    <property name="alwaysReauthenticate" value="true"/>
</bean>


Are the objects, you want persisted and then restored from the session, serializable?

0

精彩评论

暂无评论...
验证码 换一张
取 消