Class RegisterSessionAuthenticationStrategy
- java.lang.Object
-
- org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy
-
- All Implemented Interfaces:
SessionAuthenticationStrategy
public class RegisterSessionAuthenticationStrategy extends java.lang.Object implements SessionAuthenticationStrategy
Strategy used to register a user with theSessionRegistry
after successfulAuthentication
.RegisterSessionAuthenticationStrategy
is typically used in combination withCompositeSessionAuthenticationStrategy
andConcurrentSessionControlAuthenticationStrategy
, but can be used on its own if tracking of sessions is desired but no need to control concurrency.NOTE: When using a
SessionRegistry
it is important that all sessions (including timed out sessions) are removed. This is typically done by addingHttpSessionEventPublisher
.- Since:
- 3.2
- See Also:
CompositeSessionAuthenticationStrategy
-
-
Constructor Summary
Constructors Constructor Description RegisterSessionAuthenticationStrategy(org.springframework.security.core.session.SessionRegistry sessionRegistry)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
onAuthentication(org.springframework.security.core.Authentication authentication, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.
-
-
-
Method Detail
-
onAuthentication
public void onAuthentication(org.springframework.security.core.Authentication authentication, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
In addition to the steps from the superclass, the sessionRegistry will be updated with the new session information.- Specified by:
onAuthentication
in interfaceSessionAuthenticationStrategy
-
-