Example 1 with SessionRegistry

Use of org.springframework.security.core.session.SessionRegistry in project spring-security by spring-projects.

Class SessionManagementConfigurer, method createConccurencyFilter.

private ConcurrentSessionFilter createConccurencyFilter(H http) {
    SessionInformationExpiredStrategy expireStrategy = getExpiredSessionStrategy();
    SessionRegistry sessionRegistry = getSessionRegistry(http);
    if (expireStrategy == null) {
        return new ConcurrentSessionFilter(sessionRegistry);
    }
    return new ConcurrentSessionFilter(sessionRegistry, expireStrategy);
}
Also used: SessionInformationExpiredStrategy (org.springframework.security.web.session.SessionInformationExpiredStrategy), SimpleRedirectSessionInformationExpiredStrategy (org.springframework.security.web.session.SimpleRedirectSessionInformationExpiredStrategy), SessionRegistry (org.springframework.security.core.session.SessionRegistry), ConcurrentSessionFilter (org.springframework.security.web.session.ConcurrentSessionFilter)

Example 2 with SessionRegistry

Use of org.springframework.security.core.session.SessionRegistry in project spring-security by spring-projects.

Class SessionManagementConfigurer, method getSessionRegistry.

private SessionRegistry getSessionRegistry(H http) {
    if (this.sessionRegistry == null) {
        this.sessionRegistry = getBeanOrNull(SessionRegistry.class);
    }
    if (this.sessionRegistry == null) {
        SessionRegistryImpl sessionRegistry = new SessionRegistryImpl();
        registerDelegateApplicationListener(http, sessionRegistry);
        this.sessionRegistry = sessionRegistry;
    }
    return this.sessionRegistry;
}
Also used: SessionRegistry (org.springframework.security.core.session.SessionRegistry), SessionRegistryImpl (org.springframework.security.core.session.SessionRegistryImpl)

Example 3 with SessionRegistry

Use of org.springframework.security.core.session.SessionRegistry in project spring-security by spring-projects.

Class SessionManagementConfigTests, method autowireWhenConcurrencyControlIsSetThenLogoutHandlersGetAuthenticationObject.

/**
 * SEC-2057
 */
@Test
public void autowireWhenConcurrencyControlIsSetThenLogoutHandlersGetAuthenticationObject() throws Exception {
    this.spring.configLocations(xml("ConcurrencyControlCustomLogoutHandler")).autowire();
    MvcResult result = this.mvc.perform(get("/auth").with(httpBasic("user", "password"))).andExpect(session()).andReturn();
    MockHttpSession session = (MockHttpSession) result.getRequest().getSession(false);
    SessionRegistry sessionRegistry = this.spring.getContext().getBean(SessionRegistry.class);
    sessionRegistry.getSessionInformation(session.getId()).expireNow();
    // @formatter:off
    this.mvc.perform(get("/auth").session(session)).andExpect(header().string("X-Username", "user"));
    // @formatter:on
}
Also used: SessionRegistry (org.springframework.security.core.session.SessionRegistry), MockHttpSession (org.springframework.mock.web.MockHttpSession), MvcResult (org.springframework.test.web.servlet.MvcResult), Test (org.junit.jupiter.api.Test)

Example 4 with SessionRegistry

Use of org.springframework.security.core.session.SessionRegistry in project spring-security by spring-projects.

Class NamespaceSessionManagementTests, method authenticateWhenUsingExpiredUrlThenMatchesNamespace.

@Test
public void authenticateWhenUsingExpiredUrlThenMatchesNamespace() throws Exception {
    this.spring.register(CustomSessionManagementConfig.class).autowire();
    MockHttpSession session = new MockHttpSession();
    SessionInformation sessionInformation = new SessionInformation(new Object(), session.getId(), new Date(0));
    sessionInformation.expireNow();
    SessionRegistry sessionRegistry = this.spring.getContext().getBean(SessionRegistry.class);
    given(sessionRegistry.getSessionInformation(session.getId())).willReturn(sessionInformation);
    this.mvc.perform(get("/auth").session(session)).andExpect(redirectedUrl("/expired-session"));
}
Also used: SessionInformation (org.springframework.security.core.session.SessionInformation), SessionRegistry (org.springframework.security.core.session.SessionRegistry), MockHttpSession (org.springframework.mock.web.MockHttpSession), Date (java.util.Date), Test (org.junit.jupiter.api.Test)

Example 5 with SessionRegistry

Use of org.springframework.security.core.session.SessionRegistry in project spring-security by spring-projects.

Class NamespaceSessionManagementTests, method authenticateWhenUsingSessionRegistryThenMatchesNamespace.

@Test
public void authenticateWhenUsingSessionRegistryThenMatchesNamespace() throws Exception {
    this.spring.register(CustomSessionManagementConfig.class, BasicController.class, UserDetailsServiceConfig.class).autowire();
    SessionRegistry sessionRegistry = this.spring.getContext().getBean(SessionRegistry.class);
    MockHttpServletRequestBuilder request = get("/auth").with(httpBasic("user", "password"));
    this.mvc.perform(request).andExpect(status().isOk());
    verify(sessionRegistry).registerNewSession(any(String.class), any(Object.class));
}
Also used: SessionRegistry (org.springframework.security.core.session.SessionRegistry), MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder), Test (org.junit.jupiter.api.Test)
