diff options
author | Vitaly Takmazov | 2018-11-19 18:57:31 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-11-19 18:57:31 +0300 |
commit | 688c8e5760a4a941acae2ebf5ebde5003d4d5eb2 (patch) | |
tree | e68a99480fa85dc4ee437bf2a3eeae6ca5ee53a1 | |
parent | e7433a03bb056ec7de2e281304ef44fc4351d49d (diff) |
www: disable JSESSIONID
-rw-r--r-- | src/main/java/com/juick/server/configuration/SecurityConfig.java | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java index 37007f09..fd7b73e8 100644 --- a/src/main/java/com/juick/server/configuration/SecurityConfig.java +++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java @@ -182,8 +182,9 @@ public class SecurityConfig { .anyRequest().permitAll() .and() .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY) - .and() - .sessionManagement().invalidSessionUrl("/") + .and().sessionManagement() + .sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .invalidSessionUrl("/") .and() .logout() .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) |