when springsecurity returns cookies, there is no valid time for expires?
where does springsecurity configure the place where cookies is generated? That is, the place that is returned to the front-end set-cookie.
what is returned now is that there is no time:
JSESSIONID is generated by application services, and it has nothing to do with spring security.
you can set
in web.xml of the application.
<session-config>
<session-timeout>720</session-timeout> <!-- 12h * 60-->
<cookie-config>
<max-age>43200</max-age> <!-- 12h * 3600 -->
</cookie-config>
</session-config>Previous: Vue promise
Next: How does iframe use the methods in the component? Now I haven't even got the elements.
java.lang.IllegalAccessError: class org.springframework.social.connect.jdbc.JdbcConnectionRepository$$EnhancerBySpringCGLIB$$1196d00b cannot access its superclass org.springframework.social.connect.jdbc.JdbcConnectionRepository breakpoint information ...
The implementation of inheriting WebSecurityConfigurerAdapter is as follows. @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private DataSource dataSource; @Override p...
visit this address http: localhost:10002 oauth authorize?response_type=code&client_id=awbeci&redirect_uri= http: www.awbeci.cn&scope=all and report the following error after logging in: Handling OAuth2 error: error="invalid_request", erro...
I can t find SocialAutoConfigurerAdapter, when I use spring social 1.1.6.RELEASE in spring boot 2.0.4.RELEASE. I don t know what to do. Thank you. ...
I would like to ask: now that the backend is separated from the front and back, and the backend provides restful API, how does the backend permission be done? can the commonly used shiro still work, or do they all use spring Security? ...
due to the use of SpringSecurity, the CSRF function is turned on by default. If you initiate a POST request on the front-end page, it will report a 403 error due to a problem with SpringSecurity s CSRF. Looking for solutions online and looking at offic...
problem description after SpringSecurity is authenticated by user name and password, it returns that the validity period of JWT s token,token is set to 15min, but how do I refresh token, if token does not refresh, then 15min will expire later the e...
when using springsecurity oauth to socially bind qq and Wechat, POST requests address: connect qq Times error, how to solve it? type = "qq" gotoBind(type){ let url = `${this.$url} connect ${type}`; axios({ ...
as mentioned, I now use springsecurity oauth to bind qq and Wechat, but when I POST submit connect qq Times is wrong, so I wonder if there is any other solution gotoBind(type){ let url = `${this.$url} connect ${type}`; axio...
as in the question, how does SpringSecurity store user information? How to store it to ensure that each logged-in user gets his or her own UserDetails. UserDetails userDetails = (UserDetails) SecurityContextHolder.getContext () .getAuthentication () ...
@ PermitAll @ PreAuthorize ( "isAnonymous () ") @ PreAuthorize ( "permitAll ") all kinds of writing methods have been tried, but they are all invalid. It is impossible to request these authentication-free interfaces directly. < hr > all the writin...
oauth token this interface gets access_token, but it is the default format of springsecurity. I now want to change the format to a custom format {. code:"", msg:"", data:{ access_token:"xxxx" } Please tell me what to...