www: disable JSESSIONID

author: Vitaly Takmazov 2018-11-19 18:57:31 +0300
committer: Vitaly Takmazov 2018-11-19 18:57:31 +0300
commit: 688c8e5760a4a941acae2ebf5ebde5003d4d5eb2 (patch)
tree: e68a99480fa85dc4ee437bf2a3eeae6ca5ee53a1 /src
parent: e7433a03bb056ec7de2e281304ef44fc4351d49d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index 37007f09..fd7b73e8 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -182,8 +182,9 @@ public class SecurityConfig {
                     .anyRequest().permitAll()
                     .and()
                     .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
-                    .and()
-                    .sessionManagement().invalidSessionUrl("/")
+                    .and().sessionManagement()
+                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                    .invalidSessionUrl("/")
                     .and()
                     .logout()
                     .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
author	Vitaly Takmazov	2018-11-19 18:57:31 +0300
committer	Vitaly Takmazov	2018-11-19 18:57:31 +0300
commit	688c8e5760a4a941acae2ebf5ebde5003d4d5eb2 (patch)
tree	e68a99480fa85dc4ee437bf2a3eeae6ca5ee53a1 /src
parent	e7433a03bb056ec7de2e281304ef44fc4351d49d (diff)