SEC-584: Require user to explicitly set SessionRegistry, so the implementation can benefit from application context services.

2025-07-16 23:33:31 +00:00 · 2007-12-02 03:00:26 +00:00 · 2007-12-02 03:00:26 +00:00 · 99c5479f9a
commit 99c5479f9a
parent c3dc3a3a4f
1 changed files with 1 additions and 1 deletions
--- a/core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionControllerImpl.java
+++ b/core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionControllerImpl.java
@ -40,7 +40,7 @@ public class ConcurrentSessionControllerImpl implements ConcurrentSessionControl
    //~ Instance fields ================================================================================================

    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
-    private SessionRegistry sessionRegistry = new SessionRegistryImpl();
+    private SessionRegistry sessionRegistry;
    private boolean exceptionIfMaximumExceeded = false;
    private int maximumSessions = 1;