This week's book giveaway is in the Programmer Certification forum.
We're giving away four copies of OCP Oracle Certified Professional Java SE 11 Programmer I Study Guide: Exam 1Z0-815 and have Jeanne Boyarsky & Scott Selikoff on-line!
See this thread for details.
Win a copy of OCP Oracle Certified Professional Java SE 11 Programmer I Study Guide: Exam 1Z0-815 this week in the Programmer Certification forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Paweł Baczyński
  • Piet Souris
  • Vijitha Kumara

Spring : how to redirect to login page on session timeout

 
Ranch Hand
Posts: 254
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am pretty new to spring, have set session timeout of 1 minute in the web.xml.

I need to display the login page once session is timed out and user clicks any link in the application.

Is there any framework or configuration in spring that allows for this funtionality?

Regards,
Joshua
 
Ranch Hand
Posts: 55
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You have to add the HttpSessionContextIntegrationFilter (or another implementation) to the filterChainProxy in your spring security configuration.

In your authenticationEntryPoint you define the form (URL) where it should be redirected in case of an exception.

I think the new spring security is very easy to configure I'm still using the 1.5 spring and it worth looking into the new one I think.
 
ranger
Posts: 17344
11
Mac IntelliJ IDE Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes in the latest Spring version, you don't have to define all those Filters. You just use auto-config="true"

So you will just need to define a login-page in your config file.

Here is an example



notice the <form-login> tag to define the login page. The <intercept-url> tags are to set patterns to secure. So in the first line, it really is just saying don't add the filters to the login page, as we don't want that secured. the second line says, only ROLE_USER members will see all the other pages of the web app.

Mark
 
Joshua Antony
Ranch Hand
Posts: 254
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I tried using


But after the session expires and I click on any link within the application, the same page gets displayed.
What could be the reason, am I missing something very silly?

Regards,
Joshua
 
Joshua Antony
Ranch Hand
Posts: 254
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I found out the issue, actually I was using old acegi jar.

Thanks Tomas and Mark for sharing your knowledge

Regards,
Joshua
 
CAUTION! Do not touch the blades on your neck propeller while they are active. Tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!