ConcurrentSessionFilter supports InvalidSessionStrategy #3795
Description
Currently the ConcurrentSessionFilter only allows for a redirectUrl to be set and it always uses a RedirectStrategy. However we are using a JS front-end (still with a http session) and would like to be able to send a custom status code for this situation instead of a redirect.
The SessionManagementFilter uses an InvalidSessionStrategy with the default being a SimpleRedirectInvalidSessionStrategy. It would be nice and beneficial of the ConcurrentSessionFilter could use the same abstraction allowing for a more flexible handling of concurrent sessions for different front ends.