java spring spring-security spring-saml

Spring Security SAML - What type of SecurityContextRepository is used, how registered


In Spring Security SAML, what type of SecurityContextRepository is being used? I've seen how you can define a bean in your context XML, but there isn't one...

What chooses or registers it?

Can I explicitly register a different one without issue, say I made an extension?

For version ref, using Spring Security SAML 1.0.1.


Solution

  • The SecurityContextPersistenceFilter defines which security context repository is used to save the security context between requests. The default repository is the HttpSessionSecurityContextRepository which stores the context in the HTTP session.

    If you want to replace the repository you need to explicitly define the SecurityContextPersistenceFilter as a bean and swap in your own repository:

    <bean id="securityContextPersistenceFilter"
          class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
        <property name="securityContextRepository">
            <bean class="com.supercoder.security.CustomSecurityContextRepository"/>
        </property>
    </bean>
    

    See https://docs.spring.io/spring-security/site/docs/4.0.2.RELEASE/reference/htmlsingle/#security-context-persistence-filter
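
One possible shape for the `CustomSecurityContextRepository` named in the bean definition above, as an added example that is not code from the answer or from Spring Security SAML. It wraps the default HttpSessionSecurityContextRepository and discards a stored context after an absolute lifetime; the lifetime policy, the `STORED_AT` attribute name and the `setMaxAgeMillis` setter are assumptions made for illustration.

```java
package com.supercoder.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;

/** Added example: session-backed repository with an absolute lifetime for the stored context. */
public class CustomSecurityContextRepository implements SecurityContextRepository {
    // Hypothetical session attribute recording when the context was first stored.
    private static final String STORED_AT = "CUSTOM_CONTEXT_STORED_AT";
    private final SecurityContextRepository delegate = new HttpSessionSecurityContextRepository();
    private long maxAgeMillis = 8L * 60 * 60 * 1000; // assumed policy: 8 hours

    public void setMaxAgeMillis(long maxAgeMillis) { this.maxAgeMillis = maxAgeMillis; }

    @Override
    public SecurityContext loadContext(HttpRequestResponseHolder holder) {
        HttpSession session = holder.getRequest().getSession(false);
        if (isExpired(session)) {
            session.invalidate(); // the delegate then finds no session and returns an empty context
        }
        // Delegating keeps the response wrapper that saves the context before the response commits.
        return delegate.loadContext(holder);
    }

    @Override
    public void saveContext(SecurityContext context, HttpServletRequest request, HttpServletResponse response) {
        delegate.saveContext(context, request, response);
        HttpSession session = request.getSession(false);
        // Stamp the session once, and only if the delegate actually stored an authenticated context.
        if (session != null && session.getAttribute(STORED_AT) == null
                && session.getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY) != null) {
            session.setAttribute(STORED_AT, Long.valueOf(System.currentTimeMillis()));
        }
    }

    @Override
    public boolean containsContext(HttpServletRequest request) {
        return !isExpired(request.getSession(false)) && delegate.containsContext(request);
    }

    private boolean isExpired(HttpSession session) {
        if (session == null) return false;
        Object storedAt = session.getAttribute(STORED_AT);
        return storedAt instanceof Long && System.currentTimeMillis() - (Long) storedAt > maxAgeMillis;
    }
}
```

Because the class delegates `loadContext` and `saveContext` rather than reimplementing them, the context is still written to the session before a redirect commits the response, which the SAML login flow relies on.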