0

在我的 spring-security 应用程序中,我经常遇到会话破坏问题。这是我的会话生命周期堆栈跟踪。

    **07:58:09,287** INFO [] [] [] [] (default task-2339) **Session 
    ZQ9a8LrT1d1SO7pPsdv9iqKmG0GRT-WdieIVlf9N is created !**


    07:58:40,395 WARN 
    [org.springframework.security.authentication.event.LoggerListener] [] 
    [] [] (default task-2339) Authentication event 
    AuthenticationSuccessEvent: ; details: 
    org.springframework.security.web.authentication.WebAuthentication...
    ...Details@0:; SessionId: ZQ9a8LrT1d1SO7pPsdv9iqKmG0GRT-WdieIVlf9N

    07:58:40,396 WARN 
    [org.springframework.security.authentication.event.LoggerListener] [] 
    [] [] (default task-2339) Authentication event 
    InteractiveAuthenticationSuccessEvent: ; details: 
    org.springframework.security.web.authentication.WebAuthentication...
    ...Details@0:; SessionId: ZQ9a8LrT1d1SO7pPsdv9iqKmG0GRT-WdieIVlf9N

    **07:58:41,116** INFO [] [] [] [] (default task-2339) **Session 
    ZQ9a8LrT1d1SO7pPsdv9iqKmG0GRT-WdieIVlf9N is destoyed !**
    07:58:41,117 INFO [] [] [] [] (default task-2339) Session 
    kQe2p6L1T5GGyAMBw1W0-zV7LyKqihD5irZ42DOI is created !

    **07:58:41,117** WARN 
    [org.springframework.security.authentication.event.LoggerListener] [] 
    [] [] (default task-2339) Authentication event 
    **SessionFixationProtectionEvent:** ; details: 
    org.springframework.security.web.authentication.WebAuthentication
    Details@0:; **SessionId: ZQ9a8LrT1d1SO7pPsdv9iqKmG0GRT-WdieIVlf9N**

从日志看来,它可能与Spring-security SessionFixationProtectionEvent.

是什么导致了这个错误?如果有人对此有任何线索,请指导我。

4

0 回答 0