Avoid direct links to login page

Question

I'm using spring security including remember-me feature:

<security:remember-me key="myKey" token-validity-seconds="2419200" user-service-ref="userDetailsService"/>

Now when i check remember-me checkbox, i can close browser and go to some app pages skipping the login page.

But i still can type myApp/login.jsp and go to the login page.

Is there any ways to avoid it? - I want to avoid any direct links to login page. User should be able to see login screen only if he hasn't logged in still, hasn't pressed "remember-me" button (and closed browser) or pressed logout button of my app.

duplicate of http://stackoverflow.com/questions/13131122/spring-security-redirect-if-already-logged-in — Jigar Parekh, Oct 30 '12 at 05:20
Yes, thanks a lot. I have found the answer in [link]http://stackoverflow.com/questions/13131122/spring-security-redirect-if-already-logged-in[/link]. I should only extend the controller mapped to my jsp page, check if user already logged in, and if so redirect it to another page. — A cup of tea, Oct 30 '12 at 05:43
possible duplicate of [How to redirect to the homepage if the user accesses the login page after being logged in?](http://stackoverflow.com/questions/12597519/how-to-redirect-to-the-homepage-if-the-user-accesses-the-login-page-after-being) — Grzegorz Rożniecki, Oct 30 '12 at 08:26

Avoid direct links to login page

0 Answers0