gpt4 book ai didi

java - tomcat中的Spring警告输出 "Failed to create a session"

转载 作者:搜寻专家 更新时间:2023-10-31 20:15:48 25 4
gpt4 key购买 nike

我收到以下消息,但我不明白它们的意思。一切似乎都运行正常,但我只是想安全起见。是否可以针对这些警告采取措施:

2011-01-25/23:30:06.856/EST [http-80-exec-1] WARN 无法创建 session ,因为已提交响应。无法存储 SecurityContext。

2011-01-25/23:30:09.597/EST [http-80-exec-3] WARN 身份验证事件 InteractiveAuthenticationSuccessEvent:email@domain.com;详细信息:org.springframework.security.web.authentication.WebAuthenticationDetails@957e: RemoteIpAddress: 170.9.26.16; SessionId: null

我正在运行 spring 3tomcat 6 以及 spring security 3

更新

我根据此信息(来自 here)重新配置了以下 bean:

create-session

Controls the eagerness with which an HTTP session is created. If not set, defaults to "ifRequired". Other options are "always" and "never". The setting of this attribute affect the allowSessionCreation and forceEagerSessionCreation properties of HttpSessionContextIntegrationFilter. allowSessionCreation will always be true unless this attribute is set to "never". forceEagerSessionCreation is "false" unless it is set to "always". So the default configuration allows session creation but does not force it. The exception is if concurrent session control is enabled, when forceEagerSessionCreation will be set to true, regardless of what the setting is here. Using "never" would then cause an exception during the initialization of HttpSessionContextIntegrationFilter.

<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.web.context.HttpSessionContextIntegrationFilter">
<property name="allowSessionCreation" value="false"/>
</bean>

最佳答案

将以下内容添加到您的配置中:http session-creation='never'>有关 Spring 论坛的更多信息:http://forum.springsource.org/showthread.php?t=82196

关于java - tomcat中的Spring警告输出 "Failed to create a session",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4823058/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com