Solved: Unwanted Anonymous Redirect to Login Page - Hybris...

aocabral · ‎2020 Mar 06

Hi,

In my current project we are implemeting a B2B Portal where we have public catalog information (for anonymous users) and we also have the authenticated area for logged in users.

However, once in a while, when navigating through the public portal with an anonymous users, Hybris redirects us to the login page, which is an unwanted action.

I've noticed that it happens after some time of inactivity, likely when the 30 minutes session times out. But again, the user is already anonymous and should not be redirected to login.

I've checked all sprint security files and confirmed that all my endpoints in the public website doesn't have a RequireHardLoggin anotication.

Do you know whats happening?

former_member869031 · ‎2022 Aug 18

This is resolved editing the arquive spring-security-config.xml. In this arquive, had a line with the configuration below, so edit the value of field "invalid-session-url" putting the URL of endpoint that you prefer, like this example:

Default Line:
<security:session-management session-authentication-strategy-ref="fixation" invalid-session-url="/login" />

Example with redirect to HomePage:
<security:session-management session-authentication-strategy-ref="fixation" invalid-session-url="/" />

Unwanted Anonymous Redirect to Login Page - Hybris SAP Commerce

Know the answer?

Need more details?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (0)