Example usage for org.springframework.security.config.http SessionCreationPolicy IF_REQUIRED

List of usage examples for org.springframework.security.config.http SessionCreationPolicy IF_REQUIRED

Introduction

On this page you can find example usage of org.springframework.security.config.http SessionCreationPolicy IF_REQUIRED.

Prototype

SessionCreationPolicy IF_REQUIRED


Document

Spring Security will only create an HttpSession if required

Usage

From source file:com.traffitruck.WebSecurityConfig.java

/**
 * Assembles the HTTP security rules: request encoding, per-URL authorization, form
 * login/logout, remember-me and session handling.
 *
 * @param http the security builder to configure
 * @throws Exception if one of the configurers cannot be applied
 */
@Override
protected void configure(HttpSecurity http) throws Exception {
    // Force UTF-8 on requests and responses. The filter is placed ahead of CsrfFilter,
    // presumably so the encoding is fixed before any filter reads request parameters.
    CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
    encodingFilter.setForceEncoding(true);
    encodingFilter.setEncoding("UTF-8");
    http.addFilterBefore(encodingFilter, CsrfFilter.class);

    // URL authorization. Matchers are evaluated in declaration order; the first match decides.
    // NOTE(review): antMatchers compares the request path only. If Spring MVC also maps
    // variants of these paths (trailing slash, suffix), those variants would fall through to
    // the authenticated() fallback without the role check; confirm, or use mvcMatchers.
    http.authorizeRequests()
            // Static assets and the registration / phone verification / password reset flow
            // are reachable without a login. NOTE(review): any throttling or enumeration
            // protection for these endpoints has to live in the handlers; not visible here.
            .antMatchers(
                    "/css/**", "/js/**", "/images/**",
                    "/registerUser", "/verifyPhone", "/resendVerificationCode",
                    "/registrationConfirmation", "/forgotPassword", "/resetPassword")
            .permitAll()
            // Load management: LOAD_OWNER only.
            .antMatchers(
                    "/newload", "/myLoads", "/deleteLoad",
                    "/load_details/**", "/editLoad/**", "/updateload")
            .hasAuthority(Role.LOAD_OWNER.name())
            // Truck and alert management: TRUCK_OWNER only.
            .antMatchers(
                    "/truckerMenu", "/findTrucksForLoad", "/addAvailability",
                    "/myTrucks", "/newTruck", "/load_details_for_trucker/**",
                    "/load_for_truck_by_radius", "/myAlerts", "/newAlert")
            .hasAuthority(Role.TRUCK_OWNER.name())
            // Back-office views: ADMIN only ("/truckApproval" is listed twice, as in the original).
            .antMatchers(
                    "/loads", "/trucks", "/truckApproval", "/nonApprovedTrucks",
                    "/approval/licenseimage/**", "/truckApproval", "/load_details_json/**",
                    "/deleteLoadAdmin", "/users", "/alerts", "/allow_load_details/**")
            .hasAuthority(Role.ADMIN.name())
            // Everything not listed above still requires a logged-in user.
            .anyRequest()
            .authenticated();

    // Custom login page, open to everyone, with an application-specific success handler.
    http.formLogin()
            .loginPage("/login")
            .successHandler(successHandler())
            .permitAll();

    // NOTE(review): the one-argument AntPathRequestMatcher matches every HTTP method, so a
    // plain GET to /logout ends the session without a CSRF token. If that is not intended,
    // restrict it with new AntPathRequestMatcher("/logout", "POST").
    http.logout()
            .permitAll()
            .deleteCookies("remember-me")
            .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .logoutSuccessUrl("/login?logout");

    // Remember-me tokens are kept in the injected token repository rather than derived
    // from a hash carried in the cookie.
    http.rememberMe()
            .tokenRepository(repository)
            .userDetailsService(userDetails);

    // NOTE(review): a ceiling of 9999 with maxSessionsPreventsLogin(false) leaves concurrent
    // logins effectively unlimited; past the ceiling an older session is expired instead of
    // the new login being refused. Lower the ceiling if a per-user session limit is wanted.
    http.sessionManagement()
            .maximumSessions(9999)
            .expiredUrl("/login?logout")
            .maxSessionsPreventsLogin(false)
            .and()
            // IF_REQUIRED: a session is created only when Spring Security needs one.
            .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            // Requests presenting an invalid session id are sent back to the login page.
            .invalidSessionUrl("/login");
}