Announcement Announcement Module
No announcement yet.
Not able to redirect to login page after session time out Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Not able to redirect to login page after session time out

    I am trying to implement spring security in the my project let me know what i am missing.

    not able to redirect after session timeout on the sessiontimeout page

    below is my spring security xml.Please help and let me know what i am missing.

    spring security xml.
    <beans:beans xmlns=""
    xmlns:beans="" xmlns:xsi=""

    <http auto-config="true">
    <intercept-url pattern="*.do" access="ROLE_USER" />
    <form-login login-page="/login" default-target-url="/welcome" authentication-failure-url="/loginfailed" />
    <logout logout-success-url="/logout" invalidate-session="true" logout-url="/logout"/>

    <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" /></session-management>

    <session-management invalid-session-url="/" />



    <listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>


    <listener-class> pSessionEventPublisher</listener-class>

    <filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>



  • #2
    Please use [ code][/code ] tags when posting code that way it remains readable. Also your problem description isn't clear I have no clue what the problem is. What I guess is that you get in a loop on invalid session you redirect to / which is protected however you again/still have an invalid session and get redirected again, again again... So either redirect to the login page or another page which is not protected by Spring Security.


    • #3
      I have tried to redirect to the login page but i am not able to redirect to the login page. i think filter is not working .
      could you please let me know if i am missing any settings in web.xml or security.xml.


      • #4
        though I am late in replying here. But you can implement a javascript based mechanism to <a href="">force login page after session timeout</a>