acegi 限制用户同一时间登录次数

最新推荐文章于 2018-03-14 15:00:51 发布

iteye_16292

最新推荐文章于 2018-03-14 15:00:51 发布

阅读量245

点赞数

CC 4.0 BY-SA版权

分类专栏： spring 文章标签： Acegi Ant Java UI XML

本文链接：https://blog.youkuaiyun.com/iteye_16292/article/details/81618542

spring 专栏收录该内容

1 篇文章

订阅专栏

本文介绍如何通过配置web.xml和security.xml文件实现Acegi安全框架的会话管理和并发登录控制。主要内容包括设置过滤器、监听器、并发会话控制器等组件。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

web.xml 中添加


	<filter>
		<filter-name>securityFilter</filter-name>
		<filter-class>
			org.acegisecurity.util.FilterToBeanProxy
		</filter-class>
		<init-param>
			<param-name>targetClass</param-name>
			<param-value>
				org.acegisecurity.util.FilterChainProxy
			</param-value>
		</init-param>
	</filter>


<listener>
  <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>

security.xml中添加



<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
		<property name="filterInvocationDefinitionSource">
			<value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /**=concurrentSessionFilter,httpSessionContextIntegrationFilter.....other...
            </value>
		</property>
	</bean>
concurrentSessionFilter一定要在httpSessionContextIntegrationFilter前

	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
		<property name="providers">
			<list>
				<ref local="daoAuthenticationProvider" />
				<ref local="anonymousAuthenticationProvider" />
			</list>
		</property>
		<property name="sessionController">
			<ref bean="concurrentSessionController" />
		</property>
	</bean>


<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
		<property name="channelDecisionManager" ref="channelDecisionManager" />
	</bean>

	<bean id="concurrentSessionController"
        class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl">
        <property name="maximumSessions">
            <value>1</value>  ＜－－－－限制登录的次数
        </property>
        <property name="sessionRegistry" ref="sessionRegistry" />
        <property name="exceptionIfMaximumExceeded" value="false" />  ＜－－false为踢出前一个登录用户，true为阻止当前正在登录的用户
    </bean>
    <bean id="sessionRegistry" class="org.acegisecurity.concurrent.SessionRegistryImpl" />
    <bean id="concurrentSessionFilter" class="org.acegisecurity.concurrent.ConcurrentSessionFilter">
        <property name="sessionRegistry" ref="sessionRegistry" />
        <property name="expiredUrl">
            <value>/</value>
        </property>
    </bean>

	<bean id="channelDecisionManager"
		class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">
		<property name="channelProcessors">
			<list>
				<bean class="org.acegisecurity.securechannel.SecureChannelProcessor" />
				<bean class="org.acegisecurity.securechannel.InsecureChannelProcessor" />
			</list>
		</property>
	</bean>