Update max sessions docs

Add WebSessionStore constructor parameter to the handler

Issue gh-6192

docs/modules/ROOT/pages/reactive/authentication/concurrent-sessions-control.adoc

@@ -202,13 +202,13 @@ Java::
 [source,java,role="primary"]
 ----
 @Bean
-SecurityWebFilterChain filterChain(ServerHttpSecurity http) {
+SecurityWebFilterChain filterChain(ServerHttpSecurity http, DefaultWebSessionManager webSessionManager) {
     http
         // ...
         .sessionManagement((sessions) -> sessions
             .concurrentSessions((concurrency) -> concurrency
                 .maximumSessions(SessionLimit.of(1))
-                .maximumSessionsExceededHandler(new PreventLoginMaximumSessionsExceededHandler())
+                .maximumSessionsExceededHandler(new PreventLoginMaximumSessionsExceededHandler(webSessionManager.getSessionStore()))
             )
         );
     return http.build();
@@ -225,13 +225,13 @@ Kotlin::
 [source,kotlin,role="secondary"]
 ----
 @Bean
-open fun springSecurity(http: ServerHttpSecurity): SecurityWebFilterChain {
+open fun springSecurity(http: ServerHttpSecurity, webSessionManager: DefaultWebSessionManager): SecurityWebFilterChain {
     return http {
         // ...
         sessionManagement {
             sessionConcurrency {
                 maximumSessions = SessionLimit.of(1)
-                maximumSessionsExceededHandler = PreventLoginMaximumSessionsExceededHandler()
+                maximumSessionsExceededHandler = PreventLoginMaximumSessionsExceededHandler(webSessionManager.sessionStore)
             }
         }
     }
@@ -380,6 +380,11 @@ public class SessionControl {
 ----
 ======
 
+[NOTE]
+====
+If you are not using the `WebSessionStoreReactiveSessionRegistry` as the implementation, and you want the `WebSession` to be invalidated as well, you will need to use the `WebSessionStore` to retrieve and invalidate the `WebSession`.
+====
+
 [[disabling-for-authentication-filters]]
 == Disabling It for Some Authentication Filters