在CAS中使用spring security时,在会话超时时调用cas logout的正确方法是什么,然后重定向到re-authenciate ??
<security:http entry-point-ref="casAuthenticationEntryPoint" use-expressions="true">
<security:intercept-url pattern="/home" access="hasRole('ROLE_USER')"/>
<security:custom-filter after="CAS_FILTER" ref="casAuthenticationFilter" />
<security:session-management session-authentication-strategy-ref="concurrentSessionControlStrategy" />
<security:logout invalidate-session="true" logout-success-url="/cas-logout.jsp"/>
</security:http>
答案 0 :(得分:0)
您可以按照link进行操作。您将看到此配置已在CAS中设置。默认情况下,用户的会话在闲置2小时后过期,如果您准确的话 此行为您必须定义存档
/cas-server-webapp/src/main/webapp/WEB-INF/spring-configuration/ticketExpirationPolicies.xml