Package org.springframework.security.web.session
Session management filters,
HttpSession
events and publisher classes.-
Interface Summary Interface Description InvalidSessionStrategy Determines the behaviour of theSessionManagementFilter
when an invalid session Id is submitted and detected in theSessionManagementFilter
.SessionInformationExpiredStrategy Determines the behaviour of theConcurrentSessionFilter
when an expired session is detected in theConcurrentSessionFilter
. -
Class Summary Class Description ConcurrentSessionFilter Filter required by concurrent session handling package.HttpSessionCreatedEvent Published by theHttpSessionEventPublisher
when anHttpSession
is created by the containerHttpSessionDestroyedEvent Published by theHttpSessionEventPublisher
when a HttpSession is removed from the containerHttpSessionEventPublisher Declared in web.xml asInvalidSessionAccessDeniedHandler An adapter ofInvalidSessionStrategy
toAccessDeniedHandler
SessionInformationExpiredEvent An event for when aSessionInformation
is expired.SessionManagementFilter Detects that a user has been authenticated since the start of the request and, if they have, calls the configuredSessionAuthenticationStrategy
to perform any session-related activity such as activating session-fixation protection mechanisms or checking for multiple concurrent logins.SimpleRedirectInvalidSessionStrategy Performs a redirect to a fixed URL when an invalid requested session is detected by theSessionManagementFilter
.SimpleRedirectSessionInformationExpiredStrategy Performs a redirect to a fixed URL when an expired session is detected by theConcurrentSessionFilter
.