Question

我需要审核超时logOut事件，我进行了一些搜索并找到了解决方案。但这是行不通的。当用户注销或超时时，根本不会调用事件方法。

这是我的代码： ObjectLock.java：

@Component
public class ObjectLock implements ApplicationListener<SessionDestroyedEvent> {

    @Override
    public void onApplicationEvent(SessionDestroyedEvent event)
    {
        List<SecurityContext> lstSecurityContext = event.getSecurityContexts();
        String userName;
        for (SecurityContext securityContext : lstSecurityContext)
        {
          userName = (String)securityContext.getAuthentication().getPrincipal();
          System.out.println("Log Out " + userName);
            // ...
        }
    }
}

Application.java：

 public class Application {
      public static void main(String[] args) throws Exception {
        TimeZone.setDefault(TimeZone.getTimeZone("Etc/UTC"));
        SpringApplication application = new SpringApplication( Application.class );
        application.addListeners(new ObjectLock());
        ConfigurableApplicationContext context = application.run(args);
      //  ConfigurableApplicationContext context = SpringApplication.run(Application.class, args);
      }
    }

任何人都可以告诉我怎么了？谢谢。

Answer 1

添加以下代码/类，然后将调用侦听器：

import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.web.session.HttpSessionEventPublisher;

@Configuration
public class ApplicationConfig {
  @Bean
  public ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() {
    return new ServletListenerRegistrationBean<HttpSessionEventPublisher>(new HttpSessionEventPublisher());
  }
}

未调用ApplicationListener <sessiondestroyedevent>

1 个答案: