org.springframework.security.web.session
Class SimpleRedirectInvalidSessionStrategy
java.lang.Object
org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
- All Implemented Interfaces:
- InvalidSessionStrategy
public final class SimpleRedirectInvalidSessionStrategy
- extends Object
- implements InvalidSessionStrategy
Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter
.
Method Summary |
void |
onInvalidSessionDetected(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
|
void |
setCreateNewSession(boolean createNewSession)
Determines whether a new session should be created before redirecting (to avoid possible looping issues where
the same session ID is sent with the redirected request). |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SimpleRedirectInvalidSessionStrategy
public SimpleRedirectInvalidSessionStrategy(String invalidSessionUrl)
onInvalidSessionDetected
public void onInvalidSessionDetected(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws IOException
- Specified by:
onInvalidSessionDetected
in interface InvalidSessionStrategy
- Throws:
IOException
setCreateNewSession
public void setCreateNewSession(boolean createNewSession)
- Determines whether a new session should be created before redirecting (to avoid possible looping issues where
the same session ID is sent with the redirected request). Alternatively, ensure that the configured URL
does not pass through the
SessionManagementFilter
.
- Parameters:
createNewSession
- defaults to true
.