Allow configuration of InvalidSessionStrategy on SessionManagementConfigurer #3794

Closed
mdeinum opened this Issue Apr 8, 2016 · 3 comments

Comments

Projects
None yet
2 participants
@mdeinum
Contributor

mdeinum commented Apr 8, 2016

Currently the SessionManagementConfigurer allows for setting an invalidSessionUrl to be redirected to when the session is detected as invalid. However we would not like to send a redirect but instead send a custom status code.

Currently I would have to create an ObjectPostProcessor which overrides or sets the configured InvalidSessionStrategy.

@rwinch

This comment has been minimized.

Show comment
Hide comment
@rwinch

rwinch Apr 8, 2016

Member

@mdeinum Thanks for the issue. Any chance you would be interested in creating a PR?

Member

rwinch commented Apr 8, 2016

@mdeinum Thanks for the issue. Any chance you would be interested in creating a PR?

@mdeinum

This comment has been minimized.

Show comment
Hide comment
@mdeinum

mdeinum Apr 10, 2016

Contributor

@rwinch I'll see what I can come up with.

Contributor

mdeinum commented Apr 10, 2016

@rwinch I'll see what I can come up with.

@rwinch

This comment has been minimized.

Show comment
Hide comment
@rwinch

rwinch Apr 11, 2016

Member

Thanks!

Member

rwinch commented Apr 11, 2016

Thanks!

mdeinum added a commit to mdeinum/spring-security that referenced this issue Apr 13, 2016

Configuration of session management strategies
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.

Closes: gh-3794, gh-3795

@mdeinum mdeinum referenced this issue Apr 13, 2016

Closed

Configuration of session management strategies #3808

1 of 1 task complete

mdeinum added a commit to mdeinum/spring-security that referenced this issue Apr 20, 2016

Configuration of session management strategies
This commit adds the possibility to configure the AuthenticationFailureHandler
of the SessionManagementFilter.

Closes: gh-3794

@rwinch rwinch closed this in b88418b Sep 15, 2016

rwinch added a commit that referenced this issue Sep 15, 2016

Configuration of session management strategies
This commit adds the possibility to configure the AuthenticationFailureHandler
of the SessionManagementFilter.

Fixes gh-3794

@rwinch rwinch added this to the 4.2.0 M1 milestone Sep 15, 2016

@rwinch rwinch self-assigned this Sep 15, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment