CODEWITHSUNDEEP
angularjsspring-securityspring-bootsession-timeoutjhipster
François F.
François F.

Reputation: 229

How to set session timeout with spring boot embedded tomcat

I don't manage to set session timeout in my Jhipster WebApp (spring boot + Spring security + angularJS)

I just did the simplest way :

...
/**
 * Configuration of web application with Servlet 3.0 APIs.
 */
@Configuration
public class WebConfigurer implements ServletContextInitializer, EmbeddedServletContainerCustomizer
{
 ....
@Inject
    private ServerProperties serverProperties;
....
/**
     * Set up Mime types.
     */
    @Override
    public void customize(ConfigurableEmbeddedServletContainer container)
    {
        MimeMappings mappings = new MimeMappings(MimeMappings.DEFAULT);
        // IE issue, see https://github.com/jhipster/generator-jhipster/pull/711
        mappings.add("html", "text/html;charset=utf-8");
        // CloudFoundry issue, see https://github.com/cloudfoundry/gorouter/issues/64
        mappings.add("json", "text/html;charset=utf-8");
        container.setSessionTimeout(serverProperties.getSession().getTimeout(), TimeUnit.MINUTES);
        log.info("SessionTimeout = {}", serverProperties.getSession().getTimeout());
        container.addErrorPages(new ErrorPage(HttpStatus.NOT_FOUND, "/login"));
        container.setMimeMappings(mappings);
    }
...

@ConfigurationProperties(prefix = "server", ignoreUnknownFields = true)
public class ServerProperties
{
    private Session session = new Session();

    public static class Session
    {
        private int timeout = 6;

        public int getTimeout()
        {
            return timeout;
        }

        public void setTimeout(int timeout)
        {
            this.timeout = timeout;
        }

    }

    public Session getSession()
    {
        return session;
    }

    public void setSession(Session session)
    {
        this.session = session;
    }

}

Application.yml

server:
    port: 8080
    session:
      timeout: 1

Logs informs that the session in 1 minute length :

2016-07-28 16:17:03.103  INFO 6248 --- [  restartedMain] com.tess2i.config.WebConfigurer          : SessionTimeout = 1

After starting the WebApp, I logged in WebApp, Then I waited more than 1 minute. Then I click somewhere to query server. All was still working. No session error/redirection.

What else needs to be done ?

Upvotes: 0

Views: 6788

Answers (1)

Miloš Milivojević
Miloš Milivojević

Reputation: 5369

First of all, you didn't need to provide any custom implementation, setting server.session.timeout should be supported through Spring Boot out of the box, see the official documentation for more details.

As far as timeouts and redirects are concerned, are you sure you're not using remember-me or JWT authentication or other authentication methods that don't rely on HTTP sessions and their expiration?

Upvotes: 1

Related Questions