Currently the ConcurrentSessionFilter only allows for a redirectUrl to be set and it always uses a RedirectStrategy. However we are using a JS front-end (still with a http session) and would like to be able to send a custom status code for this situation instead of a redirect.
The SessionManagementFilter uses an InvalidSessionStrategy with the default being a SimpleRedirectInvalidSessionStrategy. It would be nice and beneficial of the ConcurrentSessionFilter could use the same abstraction allowing for a more flexible handling of concurrent sessions for different front ends.
Currently the
ConcurrentSessionFilteronly allows for aredirectUrlto be set and it always uses aRedirectStrategy. However we are using a JS front-end (still with a http session) and would like to be able to send a custom status code for this situation instead of a redirect.The
SessionManagementFilteruses anInvalidSessionStrategywith the default being aSimpleRedirectInvalidSessionStrategy. It would be nice and beneficial of theConcurrentSessionFiltercould use the same abstraction allowing for a more flexible handling of concurrent sessions for different front ends.