How can I use Spring Security without sessions?

Question

I am building a web application with Spring Security that will live on Amazon EC2 and use Amazon\'s Elastic Load Balancers. Unfortunately, ELB does not support sticky sessio

Answer 1

In Spring Security 3 with Java Config, you can use HttpSecurity.sessionManagement():

@Override
protected void configure(final HttpSecurity http) throws Exception {
    http
        .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
}