Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.security.config.annotation.web.configurers
Class SessionManagementConfigurer.SessionFixationConfigurer

java.lang.Object
  extended by org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer.SessionFixationConfigurer
Enclosing class:
SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
public final class SessionManagementConfigurer.SessionFixationConfigurer
extends Object

Allows configuring SessionFixation protection

Constructor Summary
SessionManagementConfigurer.SessionFixationConfigurer()
           
 
Method Summary
 SessionManagementConfigurer<H> changeSessionId()
          Specifies that no session fixation protection should be enabled.
 SessionManagementConfigurer<H> migrateSession()
          Specifies that a new session should be created and the session attributes from the original HttpSession should be retained.
 SessionManagementConfigurer<H> newSession()
          Specifies that a new session should be created, but the session attributes from the original HttpSession should not be retained.
 SessionManagementConfigurer<H> none()
          Specifies that no session fixation protection should be enabled.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SessionManagementConfigurer.SessionFixationConfigurer

public SessionManagementConfigurer.SessionFixationConfigurer()
Method Detail

newSession

public SessionManagementConfigurer<H> newSession()
Specifies that a new session should be created, but the session attributes from the original HttpSession should not be retained.

Returns:
the SessionManagementConfigurer for further customizations

migrateSession

public SessionManagementConfigurer<H> migrateSession()
Specifies that a new session should be created and the session attributes from the original HttpSession should be retained.

Returns:
the SessionManagementConfigurer for further customizations

changeSessionId

public SessionManagementConfigurer<H> changeSessionId()
Specifies that no session fixation protection should be enabled. This may be useful when utilizing other mechanisms for protecting against session fixation. For example, if application container session fixation protection is already in use. Otherwise, this option is not recommended.

Returns:
the SessionManagementConfigurer for further customizations

none

public SessionManagementConfigurer<H> none()
Specifies that no session fixation protection should be enabled. This may be useful when utilizing other mechanisms for protecting against session fixation. For example, if application container session fixation protection is already in use. Otherwise, this option is not recommended.

Returns:
the SessionManagementConfigurer for further customizations
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD