Spring security handle AJAX XHR request for logout users and response 401 instead of 302

I found this article with filter implementation:

Spring Security part VI : Session Timeout handling for Ajax calls

However in comment someone point that we can simply extend “LoginUrlAuthenticationEntryPoint”.

My solution sets only status 401 and doesn’t write anything to response body:

	static class AjaxAwareLoginUrlAuthenticationEntryPoint
			extends LoginUrlAuthenticationEntryPoint {

		public AjaxAwareLoginUrlAuthenticationEntryPoint(String loginFormUrl) {

		public void commence(HttpServletRequest request, HttpServletResponse response,
				AuthenticationException authException) throws IOException, ServletException {

			if (isAjaxRequest(request) && authException != null) {
			super.commence(request, response, authException);

		private static boolean isAjaxRequest(HttpServletRequest request) {
			return "XMLHttpRequest".equalsIgnoreCase(request.getHeader("X-Requested-With"));