org.springframework.security.web.session
Class SimpleRedirectInvalidSessionStrategy

java.lang.Object
  extended by org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
All Implemented Interfaces:
InvalidSessionStrategy

public final class SimpleRedirectInvalidSessionStrategy
extends Object
implements InvalidSessionStrategy

Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter.


Constructor Summary
SimpleRedirectInvalidSessionStrategy(String invalidSessionUrl)
           
 
Method Summary
 void onInvalidSessionDetected(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
           
 void setCreateNewSession(boolean createNewSession)
          Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SimpleRedirectInvalidSessionStrategy

public SimpleRedirectInvalidSessionStrategy(String invalidSessionUrl)
Method Detail

onInvalidSessionDetected

public void onInvalidSessionDetected(javax.servlet.http.HttpServletRequest request,
                                     javax.servlet.http.HttpServletResponse response)
                              throws IOException
Specified by:
onInvalidSessionDetected in interface InvalidSessionStrategy
Throws:
IOException

setCreateNewSession

public void setCreateNewSession(boolean createNewSession)
Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request). Alternatively, ensure that the configured URL does not pass through the SessionManagementFilter.

Parameters:
createNewSession - defaults to true.