Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Listener for Session Expiration in Spring

I am new to spring security and using it for authentication. I am facing a issue that when the browser is closed or in case of any unusual failure the session expires but I am unable catch the event so as to get the clean up code executed. I explore about it and found HttpSessionEventPublisher in Spring to capture HttpSessionDestroyedEvent in sessionDestroyed() method but that is not called when I close the browser.

Request to suggest solution for the same.

like image 977
Prashant Avatar asked Oct 23 '13 06:10

Prashant


People also ask

How do I know if my spring boot session is expired?

getAuthentication(); If you want to be notified when session has expired or person logged out you can always register listener on SessionDestroyedEvent - documentation. Its also worth to refer to spring docs for that subject.

How do I set session timeout in Spring Security?

Spring Security Session Timeout In the case of Tomcat we can set the session timeout by configuring the maxInactiveInterval attribute on the manager element in server. xml or using the session-timeout element in web. xml. Note that the first option will affect every app that's deployed to the Tomcat instance.

What is SessionCreationPolicy?

Enum SessionCreationPolicySpecifies the various session creation policies for Spring Security.


1 Answers

Maybe SessionManagementFilter could help?

Or you can configure Spring Security to automatically redirect user if timeout occured: Detecting timeouts section.

like image 54
Ernestas Kardzys Avatar answered Oct 18 '22 18:10

Ernestas Kardzys