handle session expired event in spring based web application

后端未结

关注

 1  1791

说谎 2020-12-17 06:44

I am using Spring security feature in my application, but I found out that when the session expired, all the request ajax return the page login.jsp(not redirect, in http res

1条回答

猫巷女王i (楼主)

2020-12-17 07:36

Use custom AuthenticationEntryPoint:

package com.example.spring.security
// imports here

public class AjaxAwareAuthenticationEntryPoint
     extends LoginUrlAuthenticationEntryPoint {

  public AjaxAwareAuthenticationEntryPoint(final String loginFormUrl) {
    super(loginFormUrl);
  }

  @Override
  public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException)
      throws IOException, ServletException {

    if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))) {
      response.sendError(403, "Forbidden");
    } else {
      super.commence(request, response, authException);
    }
  }
}

Define a bean and use it as entry-point-ref in element:

0 讨论(0)