-
Notifications
You must be signed in to change notification settings - Fork 5.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ContinueRequestSessionInformationExpiredStrategy #14765
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
/* | ||
* Copyright 2024 the original author or authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* https://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package org.springframework.security.web.session; | ||
|
||
import jakarta.servlet.ServletException; | ||
import java.io.IOException; | ||
|
||
/** | ||
* A {@link SessionInformationExpiredStrategy} continues to execute subsequent filters | ||
* even after session expiration. | ||
* | ||
* @author Rosie Yang | ||
* @since 6.3 | ||
*/ | ||
public final class ContinueRequestSessionInformationExpiredStrategy implements SessionInformationExpiredStrategy { | ||
|
||
@Override | ||
public void onExpiredSessionDetected(SessionInformationExpiredEvent event) throws ServletException, IOException { | ||
event.getFilterChain().doFilter(event.getRequest(), event.getResponse()); | ||
} | ||
|
||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
/* | ||
* Copyright 2012-2016 the original author or authors. | ||
* Copyright 2012-2024 the original author or authors. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
|
@@ -16,6 +16,7 @@ | |
|
||
package org.springframework.security.web.session; | ||
|
||
import jakarta.servlet.FilterChain; | ||
import jakarta.servlet.http.HttpServletRequest; | ||
import jakarta.servlet.http.HttpServletResponse; | ||
|
||
|
@@ -27,6 +28,7 @@ | |
* An event for when a {@link SessionInformation} is expired. | ||
* | ||
* @author Rob Winch | ||
* @author Rosie Yang | ||
* @since 4.2 | ||
*/ | ||
public final class SessionInformationExpiredEvent extends ApplicationEvent { | ||
|
@@ -35,6 +37,8 @@ public final class SessionInformationExpiredEvent extends ApplicationEvent { | |
|
||
private final HttpServletResponse response; | ||
|
||
private final FilterChain filterChain; | ||
|
||
/** | ||
* Creates a new instance | ||
* @param sessionInformation the SessionInformation that is expired | ||
|
@@ -48,6 +52,17 @@ public SessionInformationExpiredEvent(SessionInformation sessionInformation, Htt | |
Assert.notNull(response, "response cannot be null"); | ||
this.request = request; | ||
this.response = response; | ||
this.filterChain = null; | ||
} | ||
|
||
public SessionInformationExpiredEvent(SessionInformation sessionInformation, HttpServletRequest request, | ||
HttpServletResponse response, FilterChain filterChain) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Instead of changing this constructor, a new constructor should be created accepting all those parameter + the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. As you mentioned, I add new constructor below original constructor. But filterChain value need for new constructor i had to handle this in original constructor too. |
||
super(sessionInformation); | ||
Assert.notNull(request, "request cannot be null"); | ||
Assert.notNull(response, "response cannot be null"); | ||
this.request = request; | ||
this.response = response; | ||
this.filterChain = filterChain; | ||
} | ||
|
||
/** | ||
|
@@ -68,4 +83,7 @@ public SessionInformation getSessionInformation() { | |
return (SessionInformation) getSource(); | ||
} | ||
|
||
public FilterChain getFilterChain() { | ||
return this.filterChain; | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add
@since 6.3
tooThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! I changed too. I realized I need to pay more attention to contribution rules, sorry about that.