我们可以在春季的会话超时之前设置条件吗? [英] Can we put condition before session timeout in spring?
问题描述
我已经定义了以下用于处理用户会话的规则.
- 当用户登录时,将调用HttpSessionListener的sessioncreate()并将其状态设置为数据库中的在线状态.
- 当用户注销时,将调用HttpSessionListener的sessiondestroy()并将数据库中的用户状态设置为脱机.
- 当用户关闭浏览器/选项卡时,请在浏览器卸载/some_other事件上调用AJAX来破坏会话.
- 由于我们不能完全依赖浏览器事件,因此也请在服务器端使用session_timeout.在会话超时事件中,首先进行从服务器到客户端的验证调用,并确认他/她是否仍然可用.如果收到客户端的确认,则表示浏览器选项卡仍处于打开状态.因此,我们不会破坏会话.
在最后一条规则中,如何拦截spring的会话破坏机制? 如果收到来自客户端的确认,如何跳过会话销毁?
谢谢
让我建议一种更好的方法,而不是在捕获会话超时事件后从服务器重新激活会话.
由于只要打开浏览器就想保持会话处于活动状态,即使用户没有访问该站点(与之交互),也要从页面发送回Ajax ping服务器.
这个答案就是一个例子- https://stackoverflow.com/a/3877867/6352160
这将解决两个问题-用户关闭浏览器选项卡时自动关闭会话.只要选项卡处于打开状态,就使会话保持活动状态.我仍然建议您保留一个Session变量作为计数器,并允许仅在固定的时间限制内打开该会话,以避免不必要地长时间运行会话.
I have defined below rules for handling user session.
- When user logs in sessioncreate() of HttpSessionListener will be called and will set user status as online in database.
- When user logs out sessiondestroy() of HttpSessionListener will be called and will set user status as offline in database..
- When user closes the browser/tab, make AJAX call on browser unload/some_other event to destroy the session.
- Since we can not rely on browser events completely, use session_timeout on server side also. On Session timeout event, first make validation call from server to client and confirm if he/she is still available. If received acknowledgement from client, it means browser tab is still open. So we will not destroy the session.
Here in last rule, how to intercept the session destroy mechanism of spring ? How to skip session destroy if acknowledgement is received from client ?
Thanks,
Instead of reactivating the Session from the server after catching the Session timeout event, let me suggest a better way.
Since you want to keep the session active as long as the browser is open, even if user is not accessing (interacting) with the site, send an Ajax ping back the server from the page.
This answer is an example of that - https://stackoverflow.com/a/3877867/6352160
This will solve both the problems - Close sessions automatically when the user has closed the browser tab. Keep session active as long as the tab is open. I would still suggest you keep a Session variable as a counter and allow the session to be open only for a fixed time limit to avoid unnecessarily long running sessions.
这篇关于我们可以在春季的会话超时之前设置条件吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
