diff --git a/config/src/main/kotlin/org/springframework/security/config/web/servlet/SessionManagementDsl.kt b/config/src/main/kotlin/org/springframework/security/config/web/servlet/SessionManagementDsl.kt index 813cc1b41b..d0972e49aa 100644 --- a/config/src/main/kotlin/org/springframework/security/config/web/servlet/SessionManagementDsl.kt +++ b/config/src/main/kotlin/org/springframework/security/config/web/servlet/SessionManagementDsl.kt @@ -39,6 +39,7 @@ class SessionManagementDsl { var sessionAuthenticationErrorUrl: String? = null var sessionAuthenticationFailureHandler: AuthenticationFailureHandler? = null var enableSessionUrlRewriting: Boolean? = null + var requireExplicitAuthenticationStrategy: Boolean? = null var sessionCreationPolicy: SessionCreationPolicy? = null var sessionAuthenticationStrategy: SessionAuthenticationStrategy? = null private var sessionFixation: ((SessionManagementConfigurer.SessionFixationConfigurer) -> Unit)? = null @@ -108,6 +109,7 @@ class SessionManagementDsl { internal fun get(): (SessionManagementConfigurer) -> Unit { return { sessionManagement -> invalidSessionUrl?.also { sessionManagement.invalidSessionUrl(invalidSessionUrl) } + requireExplicitAuthenticationStrategy?.also { sessionManagement.requireExplicitAuthenticationStrategy(requireExplicitAuthenticationStrategy!!) } invalidSessionStrategy?.also { sessionManagement.invalidSessionStrategy(invalidSessionStrategy) } sessionAuthenticationErrorUrl?.also { sessionManagement.sessionAuthenticationErrorUrl(sessionAuthenticationErrorUrl) } sessionAuthenticationFailureHandler?.also { sessionManagement.sessionAuthenticationFailureHandler(sessionAuthenticationFailureHandler) }