Class RequestedUrlRedirectInvalidSessionStrategy
java.lang.Object
org.springframework.security.web.session.RequestedUrlRedirectInvalidSessionStrategy
- All Implemented Interfaces:
InvalidSessionStrategy
public final class RequestedUrlRedirectInvalidSessionStrategy
extends Object
implements InvalidSessionStrategy
Performs a redirect to the original request URL when an invalid requested session is
detected by the
SessionManagementFilter
.-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
onInvalidSessionDetected
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) void
setCreateNewSession
(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).void
setRedirectStrategy
(RedirectStrategy redirectStrategy) Sets the redirect strategy to use.
-
Constructor Details
-
RequestedUrlRedirectInvalidSessionStrategy
public RequestedUrlRedirectInvalidSessionStrategy()
-
-
Method Details
-
onInvalidSessionDetected
public void onInvalidSessionDetected(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException - Specified by:
onInvalidSessionDetected
in interfaceInvalidSessionStrategy
- Throws:
IOException
-
setCreateNewSession
public void setCreateNewSession(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request). Alternatively, ensure that the configured URL does not pass through theSessionManagementFilter
.- Parameters:
createNewSession
- defaults totrue
.
-
setRedirectStrategy
Sets the redirect strategy to use. The default isDefaultRedirectStrategy
.- Parameters:
redirectStrategy
- the redirect strategy to use.- Since:
- 6.2
-