org.springframework.security.web.authentication.session
Class RegisterSessionAuthenticationStrategy
java.lang.Object
org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
- All Implemented Interfaces:
- SessionAuthenticationStrategy
public class RegisterSessionAuthenticationStrategy
- extends Object
- implements SessionAuthenticationStrategy
Strategy used to register a user with the SessionRegistry after
successful Authentication.
RegisterSessionAuthenticationStrategy is typically used in
combination with CompositeSessionAuthenticationStrategy and
ConcurrentSessionControlAuthenticationStrategy, but can be used on
its own if tracking of sessions is desired but no need to control
concurrency.
NOTE: When using a SessionRegistry it is important that all sessions
(including timed out sessions) are removed. This is typically done by adding
HttpSessionEventPublisher.
- Since:
- 3.2
- See Also:
CompositeSessionAuthenticationStrategy
|
Method Summary |
void |
onAuthentication(Authentication authentication,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RegisterSessionAuthenticationStrategy
public RegisterSessionAuthenticationStrategy(SessionRegistry sessionRegistry)
- Parameters:
sessionRegistry - the session registry which should be updated when the authenticated session is changed.
onAuthentication
public void onAuthentication(Authentication authentication,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
- In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
- Specified by:
onAuthentication in interface SessionAuthenticationStrategy