Strategy interface and implementations for handling session-related behaviour for a newly authenticated user.
Comes with support for:
- Protection against session-fixation attacks
- Controlling the number of sessions an authenticated user can have open
Interfaces
Classes
Exceptions
SessionAuthenticationException |
Thrown by an SessionAuthenticationStrategy to indicate that an authentication object is not valid for
the current session, typically because the same user has exceeded the number of sessions they are allowed to have
concurrently. |