File tree 3 files changed +10
-2
lines changed
src/main/java/eu/openanalytics/containerproxy/auth/impl
3 files changed +10
-2
lines changed Original file line number Diff line number Diff line change 55
66 <groupId >eu.openanalytics</groupId >
77 <artifactId >containerproxy</artifactId >
8- <version >0.8.8 </version >
8+ <version >0.8.9 </version >
99 <name >ContainerProxy</name >
1010 <packaging >jar</packaging >
1111
Original file line number Diff line number Diff line change 2121package eu .openanalytics .containerproxy .auth .impl ;
2222
2323import java .io .Serializable ;
24+ import java .util .Arrays ;
2425import java .util .Collection ;
2526import java .util .HashMap ;
2627import java .util .List ;
6566import org .springframework .security .core .session .SessionRegistryImpl ;
6667import org .springframework .security .web .AuthenticationEntryPoint ;
6768import org .springframework .security .web .authentication .logout .LogoutFilter ;
69+ import org .springframework .security .web .authentication .session .ChangeSessionIdAuthenticationStrategy ;
70+ import org .springframework .security .web .authentication .session .CompositeSessionAuthenticationStrategy ;
6871import org .springframework .security .web .authentication .session .RegisterSessionAuthenticationStrategy ;
6972import org .springframework .security .web .authentication .session .SessionAuthenticationStrategy ;
7073import org .springframework .security .web .authentication .www .BasicAuthenticationFilter ;
@@ -169,7 +172,10 @@ protected HttpSessionManager httpSessionManager() {
169172 @ Bean
170173 @ ConditionalOnProperty (name ="proxy.authentication" , havingValue ="keycloak" )
171174 protected SessionAuthenticationStrategy sessionAuthenticationStrategy () {
172- return new RegisterSessionAuthenticationStrategy (new SessionRegistryImpl ());
175+ return new CompositeSessionAuthenticationStrategy (Arrays .asList (
176+ new RegisterSessionAuthenticationStrategy (new SessionRegistryImpl ()),
177+ new ChangeSessionIdAuthenticationStrategy ()
178+ ));
173179 }
174180
175181 @ Bean
Original file line number Diff line number Diff line change 6969import org .springframework .security .web .authentication .logout .LogoutHandler ;
7070import org .springframework .security .web .authentication .logout .SecurityContextLogoutHandler ;
7171import org .springframework .security .web .authentication .logout .SimpleUrlLogoutSuccessHandler ;
72+ import org .springframework .security .web .authentication .session .ChangeSessionIdAuthenticationStrategy ;
7273import org .springframework .security .web .util .matcher .AntPathRequestMatcher ;
7374
7475import javax .inject .Inject ;
@@ -324,6 +325,7 @@ public SAMLProcessingFilter samlWebSSOProcessingFilter() throws Exception {
324325 samlWebSSOProcessingFilter .setAuthenticationManager (authenticationManager );
325326 samlWebSSOProcessingFilter .setAuthenticationSuccessHandler (successRedirectHandler ());
326327 samlWebSSOProcessingFilter .setAuthenticationFailureHandler (authenticationFailureHandler ());
328+ samlWebSSOProcessingFilter .setSessionAuthenticationStrategy (new ChangeSessionIdAuthenticationStrategy ());
327329 return samlWebSSOProcessingFilter ;
328330 }
329331
You can’t perform that action at this time.
0 commit comments