ChangeSessionIdAuthenticationStrategy (spring-security-docs-manual 5.5.3 API)

java.lang.Object
- org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
- - org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.context.ApplicationEventPublisherAware, SessionAuthenticationStrategy
```
public final class ChangeSessionIdAuthenticationStrategy
extends AbstractSessionFixationProtectionStrategy
```
Uses HttpServletRequest.changeSessionId() to protect against session fixation attacks. This is the default implementation.

Since:

3.2

- Nested Class Summary
  - Nested classes/interfaces inherited from class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
    AbstractSessionFixationProtectionStrategy.NullEventPublisher
- Field Summary
  - Fields inherited from class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
    logger
- Constructor Summary
  
  Constructors
  Constructor Description
  
  ChangeSessionIdAuthenticationStrategy()
- Method Summary
  - Methods inherited from class org.springframework.security.web.authentication.session.AbstractSessionFixationProtectionStrategy
    onAuthentication, onSessionChange, setAlwaysCreateSession, setApplicationEventPublisher
  - Methods inherited from class java.lang.Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ChangeSessionIdAuthenticationStrategy
```
public ChangeSessionIdAuthenticationStrategy()
```