First off...thank you for taking the time to reply. Much appreciated. Also...I am sorry that I was not clearer in my initial posting. I am aware of your suggestion and it was the reason I posted in the first place. In my post I was hoping to determine if there was a far more direct and simple strategy for specifying this property other than customizing the ConcurrentSessionControlStrategy itself.
Originally Posted by rohan123
This was a road I'd already started down, but upon doing so and surveying the results the amount of custom bean configuration (outside the scope of the default http namespace configuration) seemed really unreasonable. All of it necessary only to specify this single property dynamically upon startup (and because a property configurer can not be applied within the max-sessions attribute of the <concurrency-control /> element).
The "rough" psuedo-configuration may be as follows. I am aware this may not be complete and the wiring needs tweaking...but the reason I post it is that it illustrates the extent of the customizations needed purely to apply the property configurer:
And then modification to the http namespace configuration that would be something similar to:
<property name="sessionRegistry" ref="sessionRegistry" />
<property name="sessionAuthenticationStrategy" ref="sas" />
<property name="authenticationManager" ref="authenticationManager" />
<constructor-arg name="sessionRegistry" ref="sessionRegistry" />
<property name="exceptionIfMaximumExceeded" value="true" />
<property name="loginFormUrl" value="/index.html" />
<!-- auto-config now set to false in order to allow for customizations -->
<security:http auto-config="false" use-expressions="true">
<!-- COMMENTED OUT as now replaced by session-authentication-strategy-ref above...
<security:custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
<security:custom-filter position="FORM_LOGIN_FILTER" ref="customAuthFilter" />
Thus, my posting was to determine if there was a direct way to handle this, but for which I'm not aware of.
Thanks again for the feedback,