SEC-1754: Introduce session "validation" strategy instead of having invalid session check directly in SessionManagmentFilter #1989

spring-issuemaster opened this Issue May 25, 2011 · 2 comments


None yet

1 participant


Migrated from SEC-1754


Luke Taylor said:

I've replaced the injection of the invalidSessionUrl with an InvalidSessionStrategy and a standard implementation (SimpleRedirectInvalidSessionStrategy) which performs a redirect to a configured target URL. This makes it easier to plug in custom behaviour

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC3 milestone Feb 5, 2016

This issue supersedes #1962

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment