If I am using Spring Session, is it necessary to set up sessionManagement in HttpSecurity?

perl

asked 2022-08-09 11:00:00 +0000

qstack
143 ●2 ●70 ●14

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2022-04-09 23:00:00 +0000

lalupa
21 ●1 ●1

Yes, it is necessary to configure session management in HttpSecurity when using Spring Session. Spring Session provides a way to manage user sessions by storing session data outside of the application's own memory. However, to fully utilize Spring Session's capabilities, session management needs to be configured in the application's security configuration (HttpSecurity) to enable the handling of session expiration, invalidation, and creation. This ensures that user sessions are properly managed and secured.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss

Add Answer

Question Tools

Stats

Asked: 2022-08-09 11:00:00 +0000

Seen: 7 times

Last updated: Apr 09 '22

If I am using Spring Session, is it necessary to set up sessionManagement in HttpSecurity? edit

1 Answer