Package com.appiancorp.suiteapi.common.spring.security

Class CompositeSessionAuthenticationStrategy

java.lang.Object
com.appiancorp.suiteapi.common.spring.security.CompositeSessionAuthenticationStrategy
All Implemented Interfaces:
org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
public class CompositeSessionAuthenticationStrategy extends Object implements org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
Allows multiple SessionAuthenticationStrategy implementations to be executed as a single SessionAuthenticationStrategy. The delegate strategies are invoked sequentially in the order that they were given; if an exception is thrown by one of the delegate classes, execution stops and the exception is propagated.

Sample XML configuration:


<bean id="sessionAuthStrategy" class="com.appiancorp.suiteapi.common.spring.security.CompositeSessionAuthenticationStrategy">
  <constructor-arg>
    <list><ref bean="sessionFixationProtectionStrategy"/><ref bean="myCustomSessionStrategy"/></list>
  </constructor-arg>
</bean>
<bean id="sessionFixationProtectionStrategy" class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy"/>
<bean id="myCustomSessionStrategy" class="com.example.security.auth.MyCustomSessionStrategy"/>

  • Constructor Summary

    Constructors
    Constructor
    Description
    CompositeSessionAuthenticationStrategy(List<org.springframework.security.web.authentication.session.SessionAuthenticationStrategy> delegateStrategies)
    Creates a new instance with the given delegate strategies which will be invoked when this strategy is executed.

  • Method Summary

    Modifier and Type
    Method
    Description
    protected List<org.springframework.security.web.authentication.session.SessionAuthenticationStrategy>
    getDelegateStrategies()
     
    void
    onAuthentication(org.springframework.security.core.Authentication authentication, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
     
    String
    toString()
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • CompositeSessionAuthenticationStrategy

      public CompositeSessionAuthenticationStrategy(List<org.springframework.security.web.authentication.session.SessionAuthenticationStrategy> delegateStrategies)
      Creates a new instance with the given delegate strategies which will be invoked when this strategy is executed.

  • Method Details

    • onAuthentication

      public void onAuthentication(org.springframework.security.core.Authentication authentication, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws org.springframework.security.web.authentication.session.SessionAuthenticationException
      Specified by:
      onAuthentication in interface org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
      Throws:
      org.springframework.security.web.authentication.session.SessionAuthenticationException

    • getDelegateStrategies

      protected List<org.springframework.security.web.authentication.session.SessionAuthenticationStrategy> getDelegateStrategies()

    • toString

      public String toString()
      Overrides:
      toString in class Object