在Spring Webflux中使用域设置java多会话ID
在SpringWebFlux中,我想将根域属性(例如:example.com)添加到我的cookie中,以便相同的会话也可以用于子域
我按照教程here通过定义一个自定义WebSessionIdResolver
bean来设置cookie中的domain属性。不幸的是,在我登录之后,所有后续的HTTP请求都会在Cookie头中发送多个会话ID。这会导致Spring服务器无法识别登录用户的正确会话ID
示例代码:
@Bean
public WebSessionIdResolver webSessionIdResolver() {
CookieWebSessionIdResolver resolver = new CookieWebSessionIdResolver();
resolver.setCookieMaxAge(Duration.of(30, DAYS));
resolver.addCookieInitializer((builder) -> builder.domain("example.com"));
resolver.addCookieInitializer((builder) -> builder.path("/"));
resolver.addCookieInitializer((builder) -> builder.sameSite("Lax"));
return resolver;
}
/login
的响应头:
set-cookie:
SESSION=b86789ea-7cdd-4e66-910f-7788dad2c0ce; Path=/; Domain=example.com; Max-Age=2592000; Expires=Sat, 28 Aug 2021 08:08:26 GMT; Secure; HttpOnly; SameSite=Lax
后续HTTP请求的请求头:
Cookie: SESSION=257d34e5-7264-4cc0-b98e-7adcfde216b3; SESSION=b86789ea-7cdd-4e66-910f-7788dad2c0ce
如果您能帮我解决这个问题,我们将不胜感激
共 (0) 个答案