Class SimpleRedirectInvalidSessionStrategy
java.lang.Object
org.springframework.security.web.session.SimpleRedirectInvalidSessionStrategy
- All Implemented Interfaces:
InvalidSessionStrategy
public final class SimpleRedirectInvalidSessionStrategy
extends Object
implements InvalidSessionStrategy
Performs a redirect to a fixed URL when an invalid requested session is detected by the
SessionManagementFilter
.-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
onInvalidSessionDetected
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) void
setCreateNewSession
(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).
-
Constructor Details
-
SimpleRedirectInvalidSessionStrategy
-
-
Method Details
-
onInvalidSessionDetected
public void onInvalidSessionDetected(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException - Specified by:
onInvalidSessionDetected
in interfaceInvalidSessionStrategy
- Throws:
IOException
-
setCreateNewSession
public void setCreateNewSession(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request). Alternatively, ensure that the configured URL does not pass through theSessionManagementFilter
.- Parameters:
createNewSession
- defaults totrue
.
-