Describe the bug SessionManagement cannot manage a RememberMe authentication session.
To Reproduce
1. Turn on the RememMe and SessionManagement configurations.
2. Set the maximum number of concurrent sessions to 1.
3. Login to Client A.
4. Copy and delete the cookie:remember-me on Client A.
5. Use cookie:remember-me, login to Client B.
6. Refresh client A to check the login status.
Expected behavior
The session of Client A should become invalid after Client B login.
Actual result
Client A and Client B both are valid.
Sample remember-me-sample
Possible fixes Remove the following code:
RememberMeAuthenticationFilter#doFilter
line:125 this.securityContextRepository.saveContext(context, request, response);