HttpSession events and publisher classes.
| InvalidSessionStrategy | Determines the behaviour of the SessionManagementFilter when an invalid session Id is submitted and
detected in the SessionManagementFilter. |
| ConcurrentSessionFilter | Filter required by concurrent session handling package. |
| HttpSessionCreatedEvent | Published by the HttpSessionEventPublisher when an HttpSession is created by the container |
| HttpSessionDestroyedEvent | Published by the HttpSessionEventPublisher when a HttpSession is created in the container |
| HttpSessionEventPublisher | Declared in web.xml as
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
Publishes HttpSessionApplicationEvents to the Spring Root WebApplicationContext. |
| SessionManagementFilter | Detects that a user has been authenticated since the start of the request and, if they have, calls the
configured SessionAuthenticationStrategy to perform any session-related activity such as
activating session-fixation protection mechanisms or checking for multiple concurrent logins. |
| SimpleRedirectInvalidSessionStrategy | Performs a redirect to a fixed URL when an invalid requested session is detected by the SessionManagementFilter. |