Package org.springframework.security.web.session
package org.springframework.security.web.session
Session management filters,
HttpSession
events and publisher classes.-
ClassDescriptionFilter required by concurrent session handling package.Published by the
HttpSessionEventPublisher
when anHttpSession
is created by the containerPublished by theHttpSessionEventPublisher
when a HttpSession is removed from the containerDeclared in web.xml asPublished by theHttpSessionEventPublisher
when anHttpSession
ID is changed.An adapter ofInvalidSessionStrategy
toAccessDeniedHandler
Determines the behaviour of theSessionManagementFilter
when an invalid session Id is submitted and detected in theSessionManagementFilter
.Performs a redirect to the original request URL when an invalid requested session is detected by theSessionManagementFilter
.An event for when aSessionInformation
is expired.Determines the behaviour of theConcurrentSessionFilter
when an expired session is detected in theConcurrentSessionFilter
.Detects that a user has been authenticated since the start of the request and, if they have, calls the configuredSessionAuthenticationStrategy
to perform any session-related activity such as activating session-fixation protection mechanisms or checking for multiple concurrent logins.Performs a redirect to a fixed URL when an invalid requested session is detected by theSessionManagementFilter
.Performs a redirect to a fixed URL when an expired session is detected by theConcurrentSessionFilter
.