ConcurrentSessionFilter supports InvalidSessionStrategy #3795

Closed
mdeinum opened this Issue Apr 8, 2016 · 1 comment

Comments

Projects
None yet
2 participants
@mdeinum
Contributor

mdeinum commented Apr 8, 2016

Currently the ConcurrentSessionFilter only allows for a redirectUrl to be set and it always uses a RedirectStrategy. However we are using a JS front-end (still with a http session) and would like to be able to send a custom status code for this situation instead of a redirect.

The SessionManagementFilter uses an InvalidSessionStrategy with the default being a SimpleRedirectInvalidSessionStrategy. It would be nice and beneficial of the ConcurrentSessionFilter could use the same abstraction allowing for a more flexible handling of concurrent sessions for different front ends.

@rwinch

This comment has been minimized.

Show comment
Hide comment
@rwinch

rwinch Apr 8, 2016

Member

@mdeinum Thanks for the report! Any chance you would be interested in submitting a PR?

Member

rwinch commented Apr 8, 2016

@mdeinum Thanks for the report! Any chance you would be interested in submitting a PR?

mdeinum added a commit to mdeinum/spring-security that referenced this issue Apr 13, 2016

Configuration of session management strategies
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.

Closes: gh-3794, gh-3795

@mdeinum mdeinum referenced this issue Apr 13, 2016

Closed

Configuration of session management strategies #3808

1 of 1 task complete

@rwinch rwinch closed this in b88418b Sep 15, 2016

@rwinch rwinch self-assigned this Sep 15, 2016

@rwinch rwinch added this to the 4.2.0 M1 milestone Sep 15, 2016

@rwinch rwinch changed the title from Let the ConcurrentSessionFilter use the InvalidSessionStrategy to ConcurrentSessionFilter supports InvalidSessionStrategy Sep 23, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment