1. Set the concurrentSessionController in Bootstrap:
class BootStrap {
    // Both beans are injected by name
    def authenticationManager
    def concurrentSessionController

    def init = { servletContext ->
        // Attach the session controller to the authentication manager
        authenticationManager.sessionController = concurrentSessionController
    }
    def destroy = {}
}
2. then in resources.groovy I configured the missing concurrentSessionFilter:
import org.springframework.security.concurrent.ConcurrentSessionControllerImpl
import org.springframework.security.concurrent.ConcurrentSessionFilter
import org.springframework.security.concurrent.SessionRegistryImpl
import org.springframework.security.providers.ProviderManager

beans = {
    // Registry of active sessions, shared by the controller and the filter
    sessionRegistry(SessionRegistryImpl)

    concurrentSessionController(ConcurrentSessionControllerImpl) {
        // At most one session per user
        maximumSessions = 1
        sessionRegistry = sessionRegistry
    }

    concurrentSessionFilter(ConcurrentSessionFilter) {
        sessionRegistry = sessionRegistry
        // Where a request carrying an expired session is sent
        expiredUrl = '/login/concurrentSession'
    }
}
3. and took advantage of a new feature in the 0.3 version of the plugin, being able to specify the FilterChainProxy filter list as a list of strings in SecurityConfig.groovy:
filterNames = ['concurrentSessionFilter',
               'httpSessionContextIntegrationFilter',
               'logoutFilter',
               'authenticationProcessingFilter',
               'securityContextHolderAwareRequestFilter',
               'rememberMeProcessingFilter',
               'anonymousProcessingFilter',
               'exceptionTranslationFilter',
               'filterInvocationInterceptor']
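Conclusion and other notes:
1. This article is quoted from a nabble discussion: http://old.nabble.com/dealing-with-concurrent-session-in-acegi-and-grails-td18987010.html
2. Another nabble discussion mentions that the acegi plugin will include this feature in version 0.6: http://jira.codehaus.org/browse/GRAILSPLUGINS-962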
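The following Groovy script is an added example, not part of the quoted discussion or of Spring Security's code: a simplified model of what the three steps above produce at runtime with maximumSessions = 1. The Model* classes and session ids are hypothetical, and it assumes exceptionIfMaximumExceeded is left at its default of false, so a second login expires the least recently used session instead of being rejected.

```groovy
// Simplified model of concurrent-session control (hypothetical classes).
class SessionInfo {
    String sessionId, principal
    long lastRequest
    boolean expired = false
}

class ModelRegistry {
    Map<String, SessionInfo> sessions = [:]
    long clock = 0   // logical clock keeps the example deterministic

    void register(String id, String principal) {
        sessions[id] = new SessionInfo(sessionId: id, principal: principal,
                                       lastRequest: ++clock)
    }
    Collection<SessionInfo> activeFor(String principal) {
        sessions.values().findAll { it.principal == principal && !it.expired }
    }
}

class ModelController {   // role of the session controller bean
    ModelRegistry registry
    int maximumSessions = 1

    void onLogin(String id, String principal) {
        def active = registry.activeFor(principal)
        while (active.size() >= maximumSessions) {
            def oldest = active.min { it.lastRequest }
            oldest.expired = true      // marked only; the filter acts on it later
            active.remove(oldest)
        }
        registry.register(id, principal)
    }
}

class ModelFilter {       // role of the filter placed first in filterNames
    ModelRegistry registry
    String expiredUrl

    // Returns the redirect target, or null when the request may continue.
    String onRequest(String id) {
        def info = registry.sessions[id]
        if (info?.expired) { registry.sessions.remove(id); return expiredUrl }
        if (info) info.lastRequest = ++registry.clock
        return null
    }
}

def registry = new ModelRegistry()
def controller = new ModelController(registry: registry)
def filter = new ModelFilter(registry: registry, expiredUrl: '/login/concurrentSession')

controller.onLogin('session-A', 'alice')             // first login (constructed ids)
assert filter.onRequest('session-A') == null
controller.onLogin('session-B', 'alice')             // second login, same user
assert filter.onRequest('session-A') == '/login/concurrentSession'
assert filter.onRequest('session-B') == null
```

The older session is only rejected on its next request, which is why the filter has to be in the chain for the controller's limit to take effect.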