Java Code Examples for org.springframework.security.web.authentication.session.SessionAuthenticationStrategy

The following examples show how to use org.springframework.security.web.authentication.session.SessionAuthenticationStrategy. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: haven-platform   Source File: TokenAuthFilterConfigurer.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void configure(H http) throws Exception {

    AuthenticationTokenFilter af = getAuthenticationFilter();
    if(authenticationDetailsSource != null) {
        af.setAuthenticationDetailsSource(authenticationDetailsSource);
    }
    af.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
    af.setAuthenticationSuccessHandler(new AuthenticationStubSuccessHandler());
    SessionAuthenticationStrategy sessionAuthenticationStrategy = http.getSharedObject(SessionAuthenticationStrategy.class);
    if(sessionAuthenticationStrategy != null) {
        af.setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
    }
    AuthenticationTokenFilter filter = postProcess(af);
    filter.setContinueChainAfterSuccessfulAuthentication(true);
    http.addFilterBefore(filter, BasicAuthenticationFilter.class);
}
 
Example 2
Source Project: Spring-Security-Third-Edition   Source File: SessionConfig.java    License: MIT License 5 votes vote down vote up
/**
 * sessionAuthenticationStrategy does not work in JavaConfig
 * @param sessionRegistry
 * @return
 */
@Bean
public SessionAuthenticationStrategy sessionAuthenticationStrategy(SessionRegistry sessionRegistry){
    return new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry){{
        setMaximumSessions(-1);
    }};
}
 
Example 3
Source Project: Spring-Security-Third-Edition   Source File: SessionConfig.java    License: MIT License 5 votes vote down vote up
/**
     * sessionAuthenticationStrategy does not work in JavaConfig
     * @param sessionRegistry
     * @return
     */
//    @Bean
    public SessionAuthenticationStrategy sessionAuthenticationStrategy(SessionRegistry sessionRegistry){
        return new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry){{
            setMaximumSessions(-1);
        }};
    }
 
Example 4
Source Project: cola   Source File: WebSessionConfiguration.java    License: MIT License 4 votes vote down vote up
@Bean
public SessionAuthenticationStrategy sessionAuthenticationStrategy(SessionRegistry sessionRegistry) {
	return new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry);
}
 
Example 5
Source Project: devconf2019-authz   Source File: SecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 6
Source Project: blog   Source File: PersonApplication.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Provide a session authentication strategy bean which should be of type
 * RegisterSessionAuthenticationStrategy for public or confidential applications
 * and NullAuthenticatedSessionStrategy for bearer-only applications.
 */
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 7
Source Project: blog   Source File: PersonApplication.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * Provide a session authentication strategy bean which should be of type
 * RegisterSessionAuthenticationStrategy for public or confidential applications
 * and NullAuthenticatedSessionStrategy for bearer-only applications.
 */
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 8
@Override
public void configure(HttpSecurity builder) throws Exception {
	OAuth2ClientAuthenticationProcessingFilter ssoFilter = this.filter;
	ssoFilter.setSessionAuthenticationStrategy(builder.getSharedObject(SessionAuthenticationStrategy.class));
	builder.addFilterAfter(ssoFilter, AbstractPreAuthenticatedProcessingFilter.class);
}
 
Example 9
Source Project: atlas   Source File: AtlasSecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 10
Source Project: teiid-spring-boot   Source File: SecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 11
Source Project: Spring-Security-Third-Edition   Source File: SessionConfig.java    License: MIT License 4 votes vote down vote up
@Bean
public SessionManagementFilter sessionManagementFilter(SecurityContextRepository securityContextRepository,
                                                       SessionAuthenticationStrategy sessionAuthenticationStrategy){
    return new SessionManagementFilter(securityContextRepository, sessionAuthenticationStrategy);
}
 
Example 12
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 13
Source Project: tutorials   Source File: SecurityConfig.java    License: MIT License 4 votes vote down vote up
@Bean
@Override
protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
    return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
}
 
Example 14
Source Project: jdal   Source File: SpringAuthManager.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * @return the sessionStrategy
 */
public SessionAuthenticationStrategy getSessionStrategy() {
	return sessionStrategy;
}
 
Example 15
Source Project: jdal   Source File: SpringAuthManager.java    License: Apache License 2.0 4 votes vote down vote up
/**
 * @param sessionStrategy the sessionStrategy to set
 */
public void setSessionStrategy(SessionAuthenticationStrategy sessionStrategy) {
	this.sessionStrategy = sessionStrategy;
}
 
Example 16
/**
 * The session handling strategy which will be invoked immediately after an authentication request is
 * successfully processed by the <tt>AuthenticationManager</tt>. Used, for example, to handle changing of the
 * session identifier to prevent session fixation attacks.
 *
 * @param sessionAuthStrategy the implementation to use. If not set a null implementation is
 * used.
 */
public void setSessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthStrategy) {
    this.sessionStrategy = sessionAuthStrategy;
}
 
Example 17
protected abstract SessionAuthenticationStrategy sessionAuthenticationStrategy();