org.springframework.security.web.authentication.session.SessionAuthenticationStrategy |
![]() |
Allows pluggable support for HttpSession-related behaviour when an authentication occurs.
Typical use would be to make sure a session exists or to change the session Id to guard against session-fixation attacks.
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Performs Http session-related functionality when a new authentication occurs.
|
Performs Http session-related functionality when a new authentication occurs.
SessionAuthenticationException | if it is decided that the authentication is not allowed for the session. This will typically be because the user has too many sessions open at once. |
---|