如何限制每个用户仅一个会话并阻止随后的登录尝试? [英] How to limit only one session per user and block the subsequent login attempt?
本文介绍了如何限制每个用户仅一个会话并阻止随后的登录尝试?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
并发控制的默认行为是使原始会话到期.但是,我想通过显示消息用户已登录"来阻止使用相同凭据登录的第二个用户.我该怎么做?
The default behavior of concurrency control is to expire the original session. However, I would like to block the second user which is logging in with the same credentials with displaying message "User has already logged in". How can I accomplish this ?
以下是spring-security.xml的配置:
Below is the configuration of spring-security.xml:
<http auto-config="false" use-expressions="true">
<intercept-url pattern="/login*" access="permitAll"
requires-channel="https" />
<intercept-url pattern="/userHasLoggedIn" access="permitAll"
requires-channel="https" />
<intercept-url pattern="/j_spring_security_*" access="permitAll"
requires-channel="https" />
<intercept-url pattern="/session*" access="permitAll"
requires-channel="https" />
<form-login login-page="/login" authentication-failure-url="/loginFailed" />
<intercept-url pattern="/**" access="isAuthenticated()"
requires-channel="https" />
<session-management invalid-session-url="/sessionExpired" session-authentication-error-url="/loginAlready">
<concurrency-control error-if-maximum-exceeded="false" expired-url="/userHasLoggedIn" max-sessions="1"/>
</session-management>
<logout delete-cookies="JSESSIONID" />
</http>
(已更新)我最终的Spring安全配置:
(Updated) My final spring security configuration:
<http auto-config="false" use-expressions="true">
<intercept-url pattern="/login*" access="permitAll"
requires-channel="https" />
<form-login default-target-url="/home" login-page="/login" authentication-failure-url="/loginFailed" />
<intercept-url pattern="/**" access="isFullyAuthenticated()"
requires-channel="https" />
<session-management session-authentication-error-url="/loginFailed">
<concurrency-control expired-url="/loginFailed" error-if-maximum-exceeded="true" max-sessions="1"/>
</session-management>
<logout delete-cookies="JSESSIONID" />
</http>
推荐答案
查看全文