首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

SEC-486: Added determineExpiredUrl method to ConcurrentSessionFilter

Luke Taylor 17 年之前
父節點
feadb3582a
當前提交
feb790ea83
共有 1 個文件被更改,包括 8 次插入2 次删除
分割檢視 顯示文件統計
  1. 8 2
      core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionFilter.java

+ 8 - 2
core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionFilter.java
查看文件 

@@ -75,8 +75,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
 
                     // Expired - abort processing
 
                     doLogout(request, response);
 
 
-                    if (expiredUrl != null) {
 
-                        String targetUrl = request.getContextPath() + expiredUrl;
 
+                    String targetUrl = determineExpiredUrl(request, info);
 
+
 
+                    if (targetUrl != null) {
 
+                        targetUrl = request.getContextPath() + targetUrl;
 
                         response.sendRedirect(response.encodeRedirectURL(targetUrl));
 
                     } else {
 
                         response.getWriter().print("This session has been expired (possibly due to multiple concurrent " +
 
@@ -95,6 +97,10 @@ public class ConcurrentSessionFilter extends SpringSecurityFilter implements Ini
 
         chain.doFilter(request, response);
 
     }
 
 
+    protected String determineExpiredUrl(HttpServletRequest request, SessionInformation info) {
 
+        return expiredUrl;
 
+    }
 
+
 
     private void doLogout(HttpServletRequest request, HttpServletResponse response) {
 
         Authentication auth = SecurityContextHolder.getContext().getAuthentication();