List of usage examples for org.springframework.security.web.authentication.session SessionFixationProtectionStrategy SessionFixationProtectionStrategy
SessionFixationProtectionStrategy
From source file:de.itsvs.cwtrpc.security.AbstractRpcAuthenticationProcessingFilter.java
@Override public void afterPropertiesSet() throws ServletException { super.afterPropertiesSet(); Assert.notNull(getAuthenticationManager(), "'authenticationManager' must be specified"); if (getAuthenticationSuccessHandler() == null) { final DefaultRpcAuthenticationSuccessHandler handler; handler = new DefaultRpcAuthenticationSuccessHandler(); handler.setServletContext(getServletContext()); handler.afterPropertiesSet();/* w w w .ja v a2s. c o m*/ setAuthenticationSuccessHandler(handler); } if (getAuthenticationFailureHandler() == null) { final SimpleRpcAuthenticationFailureHandler handler; handler = new SimpleRpcAuthenticationFailureHandler(); handler.setServletContext(getServletContext()); handler.afterPropertiesSet(); setAuthenticationFailureHandler(handler); } if (getSessionAuthenticationStrategy() == null) { setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy()); } if (getAuthenticationDetailsSource() == null) { setAuthenticationDetailsSource(new WebAuthenticationDetailsSource()); } if (getRememberMeServices() == null) { setRememberMeServices(new NullRememberMeServices()); } if (getRpcHttpSessionStrategy() == null) { setRpcHttpSessionStrategy(new DefaultRpcHttpSessionStrategy()); } }
From source file:de.itsvs.cwtrpc.security.RpcSessionManagementFilter.java
@Override public void afterPropertiesSet() throws ServletException { super.afterPropertiesSet(); Assert.notNull(getSecurityContextRepository(), "'securityContextRepository' must be specified"); if (getAuthenticationFailureHandler() == null) { final SimpleRpcAuthenticationFailureHandler handler; handler = new SimpleRpcAuthenticationFailureHandler(); handler.setServletContext(getServletContext()); handler.afterPropertiesSet();/* w w w . ja v a2s . c om*/ setAuthenticationFailureHandler(handler); } if (getSessionAuthenticationStrategy() == null) { setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy()); } if (getInvalidSessionRedirectStrategy() == null) { final RpcRedirectStrategy redirectStrategy; redirectStrategy = new RpcRedirectStrategy(); redirectStrategy.setText(INVALID_SESSION_TEXT); setInvalidSessionRedirectStrategy(redirectStrategy); } if (getRpcHttpSessionStrategy() == null) { setRpcHttpSessionStrategy(new DefaultRpcHttpSessionStrategy()); } }