Package | Description |
---|---|
org.springframework.security.config.annotation.web.builders | |
org.springframework.security.config.annotation.web.configurers |
Modifier and Type | Method and Description |
---|---|
SessionManagementConfigurer<HttpSecurity> |
HttpSecurity.sessionManagement()
Allows configuring of Session Management.
|
Modifier and Type | Method and Description |
---|---|
SessionManagementConfigurer<H> |
SessionManagementConfigurer.ConcurrencyControlConfigurer.and()
Used to chain back to the
SessionManagementConfigurer |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.SessionFixationConfigurer.changeSessionId()
Specifies that the Servlet container-provided session fixation
protection should be used.
|
SessionManagementConfigurer<H> |
SessionManagementConfigurer.enableSessionUrlRewriting(boolean enableSessionUrlRewriting)
If set to true, allows HTTP sessions to be rewritten in the URLs when
using
HttpServletResponse.encodeRedirectURL(String) or
HttpServletResponse.encodeURL(String) , otherwise disallows HTTP
sessions to be included in the URL. |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.invalidSessionUrl(String invalidSessionUrl)
Setting this attribute will inject the
SessionManagementFilter with a
SimpleRedirectInvalidSessionStrategy configured with the attribute value. |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.SessionFixationConfigurer.migrateSession()
Specifies that a new session should be created and the session
attributes from the original
HttpSession should be
retained. |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.SessionFixationConfigurer.newSession()
Specifies that a new session should be created, but the session
attributes from the original
HttpSession should not be
retained. |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.SessionFixationConfigurer.none()
Specifies that no session fixation protection should be enabled.
|
SessionManagementConfigurer<H> |
SessionManagementConfigurer.sessionAuthenticationErrorUrl(String sessionAuthenticationErrorUrl)
Defines the URL of the error page which should be shown when the
SessionAuthenticationStrategy raises an exception.
|
SessionManagementConfigurer<H> |
SessionManagementConfigurer.sessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy)
Allows explicitly specifying the
SessionAuthenticationStrategy . |
SessionManagementConfigurer<H> |
SessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy sessionCreationPolicy)
Allows specifying the
SessionCreationPolicy |
Copyright © 2019. All rights reserved.