Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 13:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-486: Added determineExpiredUrl method to ConcurrentSessionFilter

Browse Source
This commit is contained in:
Luke Taylor 2008-01-31 16:25:50 +00:00
parent feadb3582a
commit feb790ea83
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionFilter.java
View File

@ -75,8 +75,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
// Expired - abort processing // Expired - abort processing
doLogout(request, response); doLogout(request, response);
if (expiredUrl != null) { String targetUrl = determineExpiredUrl(request, info);
String targetUrl = request.getContextPath() + expiredUrl;
if (targetUrl != null) {
targetUrl = request.getContextPath() + targetUrl;
response.sendRedirect(response.encodeRedirectURL(targetUrl)); response.sendRedirect(response.encodeRedirectURL(targetUrl));
} else { } else {
response.getWriter().print("This session has been expired (possibly due to multiple concurrent " + response.getWriter().print("This session has been expired (possibly due to multiple concurrent " +
@ -95,6 +97,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
chain.doFilter(request, response); chain.doFilter(request, response);
} }
protected String determineExpiredUrl(HttpServletRequest request, SessionInformation info) {
return expiredUrl;
}
private void doLogout(HttpServletRequest request, HttpServletResponse response) { private void doLogout(HttpServletRequest request, HttpServletResponse response) {
Authentication auth = SecurityContextHolder.getContext().getAuthentication(); Authentication auth = SecurityContextHolder.getContext().getAuthentication();