|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||
See:
Description
| Interface Summary | |
|---|---|
| SessionAuthenticationStrategy | Allows pluggable support for HttpSession-related behaviour when an authentication occurs. |
| Class Summary | |
|---|---|
| ChangeSessionIdAuthenticationStrategy | Uses HttpServletRequest#changeSessionId() to protect against session
fixation attacks. |
| CompositeSessionAuthenticationStrategy | A SessionAuthenticationStrategy that accepts multiple
SessionAuthenticationStrategy implementations to delegate to. |
| ConcurrentSessionControlAuthenticationStrategy | Strategy which handles concurrent session-control. |
| ConcurrentSessionControlStrategy | Deprecated. Use ConcurrentSessionControlAuthenticationStrategy instead |
| NullAuthenticatedSessionStrategy | |
| RegisterSessionAuthenticationStrategy | Strategy used to register a user with the SessionRegistry after
successful Authentication. |
| SessionFixationProtectionEvent | Indicates a session ID was changed for the purposes of session fixation protection. |
| SessionFixationProtectionStrategy | The default implementation of SessionAuthenticationStrategy when using < Servlet 3.1. |
| Exception Summary | |
|---|---|
| SessionAuthenticationException | Thrown by an SessionAuthenticationStrategy to indicate that an authentication object is not valid for the current session, typically because the same user has exceeded the number of sessions they are allowed to have concurrently. |
Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
Comes with support for:
|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||