嗨,我已经在springboot中实现了spring安全性。现在我想登录10分钟的到期时间,以便到期后的页面将被重定向到一个页面`@ configuration@EnableWebSecurity类ApplicationSecurityConfiguration扩展WebSecurityConfigurerAdapter{
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private LoginSuccessHandler loginSuccessHandler;
@Bean
AuthenticationProvider authenticationProvider(){
DaoAuthenticationProvider authenticationProvider=new DaoAuthenticationProvider();
authenticationProvider.setUserDetailsService(userDetailsService);
authenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder());
return authenticationProvider;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/js/**","/webjars/**","/images/**","/css/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage("/login").successHandler(loginSuccessHandler).permitAll()
.and()
.logout().invalidateHttpSession(true).permitAll();
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
.maximumSessions(1).expiredUrl("/sessionExpired");
/*http.authorizeRequests()
.antMatchers("/")
.permitAll()*/
/*.and()
.formLogin()
.loginPage("/login")
.defaultSuccessUrl("/home")
.loginProcessingUrl("/checkLogin")
.failureUrl("/login")
.permitAll()
.and()
.logout()
.logoutSuccessUrl("/login")
.invalidateHttpSession(true)
.permitAll()*/
/*.and()
.csrf()
.disable()
;*/
}
}'
对于Springboot应用程序,您需要在应用程序中设置属性。属性命名为server.servlet.session.timeout=15m。如果未指定时间单位,则默认为秒