Class DefaultSessionAuthenticationStrategy

java.lang.Object
com.broadleafcommerce.auth.user.service.DefaultSessionAuthenticationStrategy
All Implemented Interfaces:
org.springframework.security.web.authentication.session.SessionAuthenticationStrategy

public class DefaultSessionAuthenticationStrategy extends Object implements org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
This is used to set the session cookie after successful authentication. It is intended to be used for all authentication types. Each authentication flow should register its own AuthenticationStrategyDelegate to facilitate loading an OAuth2UserDetails from an Authentication.
  • Constructor Details

  • Method Details

    • onAuthentication

      public void onAuthentication(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @NonNull @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull @NonNull jakarta.servlet.http.HttpServletResponse response) throws org.springframework.security.web.authentication.session.SessionAuthenticationException
      Specified by:
      onAuthentication in interface org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
      Throws:
      org.springframework.security.web.authentication.session.SessionAuthenticationException
    • shouldSetCookie

      protected boolean shouldSetCookie(@NonNull @NonNull org.springframework.security.core.Authentication authentication, @NonNull @NonNull jakarta.servlet.http.HttpServletRequest request, @NonNull @NonNull jakarta.servlet.http.HttpServletResponse response)
      Determine if the session cookie should be set on the response.
      Parameters:
      authentication - The successful session authentication.
      request - The web request
      response - The web response
      Returns:
      True if the session cookie should be added to the response, false otherwise.
    • getOAuth2UserDetails

      protected OAuth2UserDetails getOAuth2UserDetails(@NonNull @NonNull org.springframework.security.core.Authentication authentication)
    • setSessionCookie

      protected void setSessionCookie(@NonNull @NonNull jakarta.servlet.http.HttpServletResponse response, @NonNull @NonNull OAuth2UserDetails oAuth2UserDetails)
    • getStatelessUtil

      protected StatelessUtil getStatelessUtil()
    • getAuthenticationStrategyDelegates

      protected List<AuthenticationStrategyDelegate> getAuthenticationStrategyDelegates()