Package org.springframework.security.web.session
Session management filters,
HttpSession events and publisher classes.-
Interface Summary Interface Description InvalidSessionStrategy Determines the behaviour of theSessionManagementFilterwhen an invalid session Id is submitted and detected in theSessionManagementFilter.SessionInformationExpiredStrategy Determines the behaviour of theConcurrentSessionFilterwhen an expired session is detected in theConcurrentSessionFilter. -
Class Summary Class Description ConcurrentSessionFilter Filter required by concurrent session handling package.HttpSessionCreatedEvent Published by theHttpSessionEventPublisherwhen anHttpSessionis created by the containerHttpSessionDestroyedEvent Published by theHttpSessionEventPublisherwhen a HttpSession is removed from the containerHttpSessionEventPublisher Declared in web.xml asHttpSessionIdChangedEvent Published by theHttpSessionEventPublisherwhen anHttpSessionID is changed.InvalidSessionAccessDeniedHandler An adapter ofInvalidSessionStrategytoAccessDeniedHandlerRequestedUrlRedirectInvalidSessionStrategy Performs a redirect to the original request URL when an invalid requested session is detected by theSessionManagementFilter.SessionInformationExpiredEvent An event for when aSessionInformationis expired.SessionManagementFilter Detects that a user has been authenticated since the start of the request and, if they have, calls the configuredSessionAuthenticationStrategyto perform any session-related activity such as activating session-fixation protection mechanisms or checking for multiple concurrent logins.SimpleRedirectInvalidSessionStrategy Performs a redirect to a fixed URL when an invalid requested session is detected by theSessionManagementFilter.SimpleRedirectSessionInformationExpiredStrategy Performs a redirect to a fixed URL when an expired session is detected by theConcurrentSessionFilter.