Class RequestedUrlRedirectInvalidSessionStrategy
java.lang.Object
org.springframework.security.web.session.RequestedUrlRedirectInvalidSessionStrategy
- All Implemented Interfaces:
InvalidSessionStrategy
public final class RequestedUrlRedirectInvalidSessionStrategy
extends Object
implements InvalidSessionStrategy
Performs a redirect to the original request URL when an invalid requested session is
detected by the
SessionManagementFilter.-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidonInvalidSessionDetected(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) voidsetCreateNewSession(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request).voidsetRedirectStrategy(RedirectStrategy redirectStrategy) Sets the redirect strategy to use.
-
Constructor Details
-
RequestedUrlRedirectInvalidSessionStrategy
public RequestedUrlRedirectInvalidSessionStrategy()
-
-
Method Details
-
onInvalidSessionDetected
public void onInvalidSessionDetected(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException - Specified by:
onInvalidSessionDetectedin interfaceInvalidSessionStrategy- Throws:
IOException
-
setCreateNewSession
public void setCreateNewSession(boolean createNewSession) Determines whether a new session should be created before redirecting (to avoid possible looping issues where the same session ID is sent with the redirected request). Alternatively, ensure that the configured URL does not pass through theSessionManagementFilter.- Parameters:
createNewSession- defaults totrue.
-
setRedirectStrategy
Sets the redirect strategy to use. The default isDefaultRedirectStrategy.- Parameters:
redirectStrategy- the redirect strategy to use.- Since:
- 6.2
-