Springboot2 session Setting Timeout Invalid Resolution

Question:

A time-out problem was encountered in today's project, and pressing application. properties of SpringBoot2 to change 1 will not take effect.

Solution:

The server. * property controls the embedded container used by Spring Boot. Spring Boot creates an instance of the servlet container using one of the ServletWebServerFactory instances. These classes use the server. * property to configure controlled servlet containers (tomcat, jetty, and so on). The server. * property does not apply when an application is deployed to an Tomcat instance as an war file. They do not apply because a pre-configured servlet container can be used (because it is a remotely run service). Therefore, deploying to a remote Tomcat will render the server. * property useless.

1. Change the configuration file according to the post given on the Internet (if Jar starts to take effect), as follows:

server:
  servlet:
    session:
      timeout: PT1H        # 1 Hour expiration 
      cookie:
        max-age: PT1H      # 1 Hour expiration 

Explanation: PT1H means to set the failure time of session to 1 hour.

Extension: Duration

Discover the setTimeouot method by looking at the springboot source code, which requires passing in an instance of Duration

    public void setTimeout(Duration timeout) {
       this.timeout = timeout;
    }

Duration is added to Java8 to calculate date differences, while Duration is declared by final and is thread-safe.

If you convert the string mode, it is similar to the format date mode of SimpleDateFormat

Duration strings are positive and negative like numbers: the default is positive, the negative begins with '-', followed by 'PT', and the following time letters:

'D' days 'H' hours 'M' minutes 'S' sec

Each unit must start with a number, and the order of time and seconds should not be out of order. For example, PT2H3M2S equals-PT-2H-3M-2S.

2. Set session timeout for tomcat

1) In the conf directory of tomcat, change servler. xml:

<Context path="/abtest" docBase="/abtest"  
 　　 defaultSessionTimeOut="3600" isWARExpanded="true"  
 　　 isWARValidated="false" isInvokerEnabled="true"  
 　　 isWorkDirPersistent="false"/>

2) Changes to web. xml in the project:

<session-config>  
    <session-timeout>20</session-timeout>  
</session-config>

3) Change in program

session.setMaxInactiveInterval ( 30*60 ); 

When you encounter the same problem, please look at the scarlet letter above and check it in sequence.

Test code:

@RestController
@RequestMapping("/valid-time")
public class TestController { 
    @GetMapping("/test")
    public String validTime(HttpServletRequest request, HttpServletResponse response) {
        HttpSession session = request.getSession(); 
        int sessionTime = session.getMaxInactiveInterval(); 
        return new StringBuilder("sessionTime=").append(sessionTime).toString();
    }
}

Giant Pit of Spring session Failure Caused by Time Asynchrony

The giant pit of Spring session failure caused by the time asynchronization of Linux server

Because of the need of business, the original stand-alone environment is changed to cluster environment. In order not to modify the task, spring session + redis is chosen as the session sharing scheme.

After confirming the technical scheme, I searched for a pile of information about spring session in Barabala on the Internet. After reading it once, I didn't find any lying pits in my predecessors, and started.

The redis installation process is ignored.

According to the data, spring session was added to the project step by step, and the single-node project ran successfully without reporting errors. session was also successfully written into redis.

Then, to be on the safe side, I installed nginx on my computer and deployed three tomcat. All of them looked perfect, and session was shared among multiple nodes.

Up to now, all the preliminary preparations have been completed, and the last step is just around the corner.

The nightmare began …

Deploy all nodes online, and then open the browser to access the application smoothly. Of course, we can't just stay at the point where we see the page finished, but we have to log in, so...

And then …

Enter the user password countless times to prompt the login success, but the final result is still rejected, o () o

Then there are countless trips to fill pits

Look at the log …

Look at all kinds of requests, requests...

Suspect spring session has BUG...

Even started the remote DEBUG mode debugging, and finally saw in the universal DEBUG mode that if session of spring session is obtained, it will first judge whether the session has expired, and the comparison method is also very simple, that is, obtain the current system time to compare with the expiration time of session, and if the current time is less than the expiration time, then identify that the session has not expired. Seeing this, I instantly felt a sobering feeling, and the small universe finally broke out here.

Nima- > All the session obtained are expired, and then... then... of course, I quickly ran to see the server time, so... I cried o () o, it turned out that Nima was you who cheated me...

In order to commemorate this trip to lie in the pit, this article is specially sent

In addition, record 1 time synchronization of Linux server by the way

date Command:

date: Looking at the current time, the result is as follows: Tue Mar 4 01:36:45 CST 2017

date-s 09:38:40: Set the current time and the result is as follows: Tue Mar 4 09:38:40 CST 2017

ntpdate command:

ntpdate-u ntp. api. bz: Network Time Synchronization Command

ntp Common Servers:

China National Time Service Center: 210.72. 145.44

NTP Server (Shanghai): ntp. api. bz