Spring : how to redirect to login page on session timeout

I am pretty new to spring, have set session timeout of 1 minute in the web.xml.

I need to display the login page once session is timed out and user clicks any link in the application.

Is there any framework or configuration in spring that allows for this funtionality?

Regards,
Joshua

You have to add the HttpSessionContextIntegrationFilter (or another implementation) to the filterChainProxy in your spring security configuration.

In your authenticationEntryPoint you define the form (URL) where it should be redirected in case of an exception.

I think the new spring security is very easy to configure I'm still using the 1.5 spring and it worth looking into the new one I think.

Yes in the latest Spring version, you don't have to define all those Filters. You just use auto-config="true"

So you will just need to define a login-page in your config file.

Here is an example

notice the <form-login> tag to define the login page. The <intercept-url> tags are to set patterns to secure. So in the first line, it really is just saying don't add the filters to the login page, as we don't want that secured. the second line says, only ROLE_USER members will see all the other pages of the web app.

Mark

I tried using

But after the session expires and I click on any link within the application, the same page gets displayed.
What could be the reason, am I missing something very silly?

Regards,
Joshua

I found out the issue, actually I was using old acegi jar.

Thanks Tomas and Mark for sharing your knowledge

Regards,
Joshua