TechQA.

Spring Security with Spring Session: how to forbid updating of session last access time for particular requests

822 views Asked by At

The thing I want to do is to exclude requests on /my-path from any checks by Spring Security. The problem is that I have a path /my-path. And requests for this path should not update the last access time in Spring Session. The way the request passes is through SecurityContextPersistenceFilter, where the filter loads the context via SecurityContextRepository. And the SecurityContextRepository gets the session, which updates last accessed time. So the question is: Is it possible to exclude requests on /my-path from any sessions checks?

spring spring-security spring-session
Original Q&A
1

There are 1 answers

0
chaoluo On BEST ANSWER 
<http pattern="/my-path" security="none"/>

or Java config

web.ignoring().antMatchers("/my-path");

Related Questions in SPRING

Related Questions in SPRING-SECURITY

Related Questions in SPRING-SESSION

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions