Open
Description
Rob Winch (Migrated from SEC-2225) said:
Right now concurrency control is tied to HttpSession. This means for authentication with a custom AuthenticationRegistry it does not work.
It also does not work with HTTP Basic. What does this mean though? Would we ever want to restrict the concurrent users with HTTP Basic? How would we know when it was a new user or an old user since we always authenticate?
We need to look into all the types of authentication and ensure concurrency control plays nicely with it. For example, remember me does not work with concurrency control (SEC-2028).