我收到了消息,我不知道他们的意思.一切似乎都运转正常,但我只是想保持安全.是否可以对这些警告做些什么:
2011-01-25 / 23:30:06.856 / EST [http-80-exec-1] WARN无法创建会话,因为响应已提交.无法存储SecurityContext.
2011-01-25 / 23:30:09.597 / EST [http-80-exec-3] WARN认证事件InteractiveAuthenticationSuccessEvent:email@domain.com;详细信息:org.springframework.security.web.authentication.WebAuthenticationDetails@957e:RemoteIpAddress:170.9.26.16; SessionId:null
我正在运行春季3和tomcat 6春季安全3
UPDATE
我根据这个信息重新配置了以下bean(从here开始):
create-session
Controls the eagerness with which an HTTP session is created. If not set,defaults to “ifrequired”. Other options are “always” and “never”. The setting of this attribute affect the allowSessionCreation and forceEagerSessionCreation properties of HttpSessionContextIntegrationFilter. allowSessionCreation will always be true unless this attribute is set to “never”. forceEagerSessionCreation is “false” unless it is set to “always”. So the default configuration allows session creation but does not force it. The exception is if concurrent session control is enabled,when forceEagerSessionCreation will be set to true,regardless of what the setting is here. Using “never” would then cause an exception during the initialization of HttpSessionContextIntegrationFilter.
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
