세션 세션 만료 예외 처리

Question

스프링 보안을 사용하면 응용 프로그램 웹을 잠시 동안 열어두면 인증이 손실되고 사용자가 다시 로그인해야 응용 프로그램의 버튼이나 링크를 클릭하여 작업을 완료 할 수 있습니다 이 예외가 나타납니다

Etat HTTP 500 - javax.servlet.ServletException: javax.servlet.jsp.JspException: org.springframework.beans.NotReadablePropertyException: Invalid property 'principal.username' of bean class [org.springframework.security.authentication.AnonymousAuthenticationToken]: Bean property 'principal.username' is not readable or has an invalid getter method: Does the return type of the getter match the parameter type of the setter? 

그래서 난이 숨기고 꽤 페이지는 사용자가 바람둥이의 메시지를 이해하지 수 있기 때문에 사용자가 로그인해야합니다 그는 그하여 무서운 될 수 있다고 보여주고 싶은! 어떤 제안?

/* EDIT */

<?xml version="1.0" encoding="UTF-8"?> 
    <beans:beans xmlns="http://www.springframework.org/schema/security" 
     xmlns:beans="http://www.springframework.org/schema/beans" 
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
     xsi:schemaLocation="http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
     http://www.springframework.org/schema/security 
     http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 

     <http auto-config="true"> 
      <intercept-url pattern="/" access="ROLE_ADMIN,ROLE_USER" /> 
      <intercept-url pattern="/index*" access="ROLE_ADMIN,ROLE_USER" /> 
      <intercept-url pattern="/mise_a_jour*" access="ROLE_ADMIN,ROLE_USER" /> 
      <intercept-url pattern="/recherche*" access="ROLE_ADMIN,ROLE_USER" /> 
      <intercept-url pattern="/pages/*" filters="none" /> 
      <intercept-url pattern="/css/*" filters="none" /> 
      <intercept-url pattern="/js/*" filters="none" /> 
      <intercept-url pattern="/images/*" filters="none" /> 
      <form-login login-page="/login" authentication-failure-url="/failLogin" /> 
      <logout logout-success-url="/logoff" /> 
      <access-denied-handler error-page="/403" /> 

     </http> 



    <beans:bean id="concurrencyFilter" 
      class="org.springframework.security.web.session.ConcurrentSessionFilter"> 
     <beans:property name="sessionRegistry" ref="sessionRegistry" /> 
     <beans:property name="expiredUrl" value="/session-expired" /> 
     </beans:bean> 

     <authentication-manager> 
      <authentication-provider> 
       <password-encoder hash="sha" /> 
       <jdbc-user-service data-source-ref="dataSource" 
        users-by-username-query="select login,password, enable from utilisateurs where login=?" 
        authorities-by-username-query="select u.login, r.role from utilisateurs u, roles r where u.id = r.id and u.login =? " /> 
      </authentication-provider> 
     </authentication-manager> 


    </beans:beans> 

스택 추적 :

Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'sessionRegistry' is defined 
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:527) 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1083) 
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:274) 
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:190) 
    at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322) 
    ... 25 more 

Answer 1

설정할 수 만료-URL이라는 설정이

<beans:bean id="concurrencyFilter" 
     class="org.springframework.security.web.session.ConcurrentSessionFilter"> 
    <beans:property name="sessionRegistry" ref="sessionRegistry" /> 
    <beans:property **name="expiredUrl" value="/session-expired.htm"** /> 
    </beans:bean> 

같은 것이있다

여기 더 자세한 정보는 http://static.springsource.org/spring-security/site/docs/3.0.x/reference/session-mgmt.html입니다.