问题
I want to set up session management and authentication with Spring Boot. Specifically, when the user logs into my web application, they should be able to call my REST API to get data. Furthermore, after a certain period of time, they should be automatically logged out of the system at which point any REST calls should also fail. How can I accomplish this with Spring Boot ?
回答1:
You can make use of Spring Session works well with spring boot
Docs :http://docs.spring.io/spring-session/docs/current/reference/html5/
Spring Session provides an API and implementations for managing a user’s session information. It also provides transparent integration with:
HttpSession - allows replacing the HttpSession in an application container (i.e. Tomcat) neutral way. Additional features include:
Clustered Sessions - Spring Session makes it trivial to support clustered sessions without being tied to an application container specific solution.
Multiple Browser Sessions - Spring Session supports managing multiple users' sessions in a single browser instance (i.e. multiple authenticated accounts similar to Google).
RESTful APIs - Spring Session allows providing session ids in headers to work with RESTful APIs
来源:https://stackoverflow.com/questions/42043656/session-management-with-spring-boot