I am using spring security v 3.1.3 in my web application. The application has an entry form for a single entry, configured with a custom filter in spring security. At the moment, my configurations allow the user to automatically log into the application if he opens a URL from a different tab in the same browser, which is the behavior of spring security session management.
I want to ensure that whenever a user logs in to the application, the session should not be divided into different tabs. When opening a new tab, he should get a login page and log in to create a new session in the same browser. At the moment, I could not find a way to do this using spring security. I would not mind integrating JsessionID into URLs, but it would be better if there is another way.
source
share