diff --git a/src/main/java/io/bagarino/config/WebSecurityConfig.java b/src/main/java/io/bagarino/config/WebSecurityConfig.java
index 40d0c789fa..749a1d096d 100644
--- a/src/main/java/io/bagarino/config/WebSecurityConfig.java
+++ b/src/main/java/io/bagarino/config/WebSecurityConfig.java
@@ -62,8 +62,8 @@ public CsrfTokenRepository getCsrfTokenRepository() {
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.sessionManagement()
-            //.invalidSessionUrl("/session-expired")
+        http.exceptionHandling()
+            .accessDeniedPage("/session-expired")
             .and()
             .csrf()
             .csrfTokenRepository(getCsrfTokenRepository())