Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-486: Added determineExpiredUrl method to ConcurrentSessionFilter

This commit is contained in:
Luke Taylor 2008-01-31 16:25:50 +00:00
parent feadb3582a
commit feb790ea83
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionFilter.java
View File

@ -75,8 +75,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
// Expired - abort processing
doLogout(request, response);
if (expiredUrl != null) {
String targetUrl = request.getContextPath() + expiredUrl;
String targetUrl = determineExpiredUrl(request, info);
if (targetUrl != null) {
targetUrl = request.getContextPath() + targetUrl;
response.sendRedirect(response.encodeRedirectURL(targetUrl));
} else {
response.getWriter().print("This session has been expired (possibly due to multiple concurrent " +
@ -95,6 +97,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
chain.doFilter(request, response);
}
protected String determineExpiredUrl(HttpServletRequest request, SessionInformation info) {
return expiredUrl;
}
private void doLogout(HttpServletRequest request, HttpServletResponse response) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();