Question
I'm creating a web project where I have to use my own authentication implementation (yes, I'm totally aware of the fact that it's not recommended but I have to do it this way...). Now, I want to create a new HttpSession for the logged in user once the authentication was successful but I can't find any source where something like this is done without the Spring Security Plugin in the back... what's the magic behind creating a new HttpSession for a user?
So, what I want to achieve is the following scenario
Login Page (user has already a session with a session id) --> User logs in --> check login credentials and create a new session with a new session id if the login was successful --> work with the new session for the logged in user.
I hope someone can help me with this as I really need it ;)
Solution
In your controller, can't you do something like
https://stackoverflow.com/questions/17782073
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian// get rid of any existing session
session().invalidate()
// create a new session
request.session(true)
( I haven't checked the syntax for this ..... and I usually work in Java so it may well be wrong, but you get the drift )
