[code] <session-config>
<session-timeout>30</session-timeout>
</session-config>[/code]
after 30 minus the session will time out ,the sime as u invoking
session.invalidate();so when in HttpSessionContextIntegrationFilter,
it will create new security context with no auth.so for the proteced
url u can't see it.
the session time out has a defaut time if u didn't set it explicitly.
<session-timeout>30</session-timeout>
</session-config>[/code]
after 30 minus the session will time out ,the sime as u invoking
session.invalidate();so when in HttpSessionContextIntegrationFilter,
it will create new security context with no auth.so for the proteced
url u can't see it.
the session time out has a defaut time if u didn't set it explicitly.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
