Skip to content

Improve session creation policy configuration #5518

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jzheaux opened this issue Jul 16, 2018 · 0 comments
Closed

Improve session creation policy configuration #5518

jzheaux opened this issue Jul 16, 2018 · 0 comments
Assignees
@jzheaux
Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Milestone
5.1.0.M2

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Jul 16, 2018

A user can already configure a session creation policy via the DSL:

http
    .sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)

however, internally, configurers cannot do the same without potentially overriding what the user specified.

If we introduce a shared object that SessionManagementConfigurer uses to populate the user's configuration, then other configurers can better choose to override it or make other corresponding configurations.
@jzheaux jzheaux added in: core An issue in spring-security-core type: enhancement A general enhancement labels Jul 16, 2018
@jzheaux jzheaux self-assigned this Jul 16, 2018
@jzheaux jzheaux added this to the 5.1.0.M2 milestone Jul 16, 2018
jzheaux added a commit to jzheaux/spring-security that referenced this issue Jul 16, 2018
@jzheaux
Improved Session Creation Policy Configuration
2ea1f06 
Other configurers can now offer their preference on session creation
policy without trumping what a user provided via the
sessionCreationPolicy method.

This is valuable for configurer's like Resource Server that would like
to have session management be stateless, but not at the expense of the
user's direct configuration.

Fixes: spring-projectsgh-5518
@rwinch rwinch closed this as completed in ed20edd Jul 16, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
None yet
Milestone
5.1.0.M2
Development

No branches or pull requests
1 participant
@jzheaux