Reputation: 5241
Refresh expiration of cookie of session in spring boot
I am solving problem with cookie expiration which holds information about session with given user.
I tried this solution:
refresh cookie on each request in spring
but condition cookie.getValue().contentEquals(request.getSession().getId()) never pass
Our case: We have stored user session in redis, which has some expiration (for instance 30 min)
In spring we have configured cookie like this:
spring.session.timeout=1d
server.servlet.session.cookie.secure=true
server.servlet.session.cookie.http-only=true
server.servlet.session.cookie.max-age=1d
When user is working on website, session's expiration is renewed, but cookie has fixed expiration 1d, so in some moment remove all user data. We need set this cookie expiration by session, or automatically renew it. Is it possible? We are using boot 2.
Upvotes: 2
Views: 3286
Answers (1)
Reputation: 111
By default every cookie acts as a session cookie which means cookie is expired as soon as the session ends(basically when the browser is closed). But you are overriding the default behaviour and making it a permanent cookie by adding server.servlet.session.cookie.max-age=1d Remove that property and it should work
Upvotes: 1
Related Questions
- refresh cookie on each request in spring
- How to set absolute session timeout for a Spring Session
- How to set a cookie expiration time when login using AuthenticationProvider
- How to set expiration date-time of JSESSION cookie with Spring Boot
- How to get notified when session is about to expire? Spring-boot
- Add expire to Spring Security remember me cookie
- Tomcat Spring Security - set session cookie expiration time
- How do I get Spring generated cookies to expire when browser is closed?
- JSESSIONID not expired, SPRING_SECURITY_REMEMBER_ME expired
- How to Bypass Resetting a Session's Expiration