I was wondering, how redirection works at session timeout. In our application, on session timeout users get redirected to login page.
I wanted to understand how all this happens. Please help me to understand.
Well, Spring Security has very flexible and extensible set of tools. Session management is not an exception. For session timeout redirect in java based configs you should use:
protected void configure(HttpSecurity http) throws Exception {
http
...
.sessionManagement()
.invalidSessionUrl("/some_redirect_URL")
...
}
This mechanism triggers one of implementations of InvalidSessionStrategy
which handles the timeout exception.
Read the Spring Security documentation for more details.
You can invalidate a session in your SessionListener
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.