GRAILS:如何通过spring security core插件获取当前登录用户的数量? [英] GRAILS: how to get the number of currently signed in users via spring security core plugin?
问题描述
我的问题是,我想限制可以同时登录到我的应用程序的用户数量(该值存储在数据库中)。首先我试图用tomcat或其他Web容器中的一些配置来做到这一点 - 但存在的问题是,如果用户没有登录(显示登录页面还需要在tomcat中进行会话),也会使用会话。 。所以我需要检查有多少用户真正登录。
i've为acegi插件找到了很多代码示例,但对springsecurity core插件没有什么帮助。
截至目前为止:
在resources.groovy中我定义了我的bean:
beans = {
sessionRegistry(org.springframework.security.concurrent.SessionRegistryImpl)
concurrentSessionController(org.springframework.security.concurrent。 ConcurrentSessionControllerImpl){
sessionRegistry = ref('sessionRegistry')
maximumSessions = -1
}
}
在BootStrap.groovy中,初始化请求是:
$ b $ pre $ class BootStrap {
def springSecurityService
def authenticationManager
def concurrentSessionController
def securityContextPersistenceFilter
def init = {servletContext - >
authenticationManager.sessionController = concurrentSessionController
...
和Config.groovy我添加了:
grails.plugins.springsecurity.providerNames = ['concurrentSessionController','daoAuthenticationProvider','anonymousAuthenticationProvider', 'rememberMeAuthenticationProvider']
但是一旦应用程序启动(grails run-app) ,当它试图配置SpringSecurity时:
...
运行Grails应用程序..
配置Spring Security ...
应用程序上下文关闭...
应用程序上下文关闭。
limepix @ turbo:〜/ develop / testproject
我为我的应用程序配置了日志记录 - 我的日志文件中的内容/最后一项是:
2011-07-11 11:19:43 [error] ERROR context.GrailsContextLoader - 执行引导程序时出错:未定义名为'concurrentSessionController'的bean
org.springframework.beans.factory.NoSuchBeanDefinitionException:在SpringSecurityCoreGrailsPlugin $ _createBeanList_closure22.doCall(SpringSecurityCoreGrailsPlugin)中未定义名为'concurrentSessionController'的bean
(SpringSecurityCoreGrailsPlugin.groovy:648)
在SpringSecurityCoreGrailsPlugin.this $ 2 $ createBeanList(SpringSecurityCoreGrailsPlugin.groovy)
在SpringSecurityCoreGrailsPlugin $ _closure4.doCall(SpringSecurityCoreGrailsPlugin.groovy:648)
at SpringSecurityCoreGrailsPlugin.createBeanList :581)
at org.grails.tomcat.TomcatServer.start(TomcatServer.groovy:212 )
at grails.web.container.EmbeddableServer $ start.call(未知来源)
at _GrailsRun_groovy $ _run_closure5_closure12.doCall(_GrailsRun_groovy:158)
at _GrailsRun_groovy $ _run_closure5_closure12.doCall(_GrailsRun_groovy)
。在_GrailsSettings_groovy $ _run_closure10.doCall(_GrailsSettings_groovy:280)
。在_GrailsSettings_groovy $ _run_closure10.call(_GrailsSettings_groovy)
。在_GrailsRun_groovy $ _run_closure5.doCall(_GrailsRun_groovy:149)
。在_GrailsRun_groovy $ _run_closure5 (_GrailsRun_groovy)
at _GrailsRun_groovy.runInline(_GrailsRun_groovy:116)
at _GrailsRun_groovy.this $ 4 $ runInline(_GrailsRun_groovy)
at _GrailsRun_groovy $ _run_closure1.doCall(_GrailsRun_groovy:59)
RunApp $ _run_closure1.doCall(RunApp.groovy:33)
at gant.Gant $ _dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant $ _dispatch_closure7.doCall(Gant.groovy: 415)
在gant.Gant $ _dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this $ 2 $ withBuildListeners(Gant.groovy)
at gant.Gant $ this $ 2 $ withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this $ 2 $ dispatch(Gant。 (gant.groovy)
at gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589 )
也许有人可以将我指向一些文档,示例或者可以直接告诉我,如何获取
来自纽伦堡,德国的问候
limepix
感谢您的回答!现在我明白了......
我采取的步骤是:定义bean:
导入org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
导入org.springframework.security.web.session。 ConcurrentSessionFilter
import org.springframework.security.core.session.SessionRegistryImpl
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
beans = {
sessionRegistry(SessionRegistryImpl)
$ b $ sessionAuthenticationStrategy(ConcurrentSessionControlStrategy,sessionRegistry){
maximumSessions = -1
}
concurrentSessionFilter(ConcurrentSessionFilter){
sessionRegistry = sessionRegistry
expiredUrl ='/ login / concurrentSession'
}
}
然后在我的控制器中注入:
类SystemController {
def sessionRegistry
以及支票,目前有多少个会话在使用:
def sessioncount = {
def cnt = 0
sessionRegistry.getAllPrincipals()。each {
cnt + = sessionRegistry.getAllSessions(it,false).size()
}
render cnt
}
必须执行的其他步骤:
- 从grails(grails install-templates)安装模板
-
将侦听器添加到web中。 xml:
< listener>
< listener-class> org.springframework.security.web.session.HttpSessionEventPublisher< / listener-class>
< / listener>
现在可以使用了!
太好了! )(现在接下来的步骤是 - 定义一个eventlistener(当用户登录时)检查许可证(会话)的数量并允许或拒绝对他的访问。但我认为那并不棘手......我们会看到......)
my problem is, that i want to limit the number of users that can simultaneously be logged in my application (this value is stored in the database). first i tried to do that with some configuration in tomcat or other web containers - but there´s the problem, that a session is used also if a user is not logged in (displaying the login page also needs a session in tomcat)... so i need to check how many users are "really" logged in. i´ve found quite a lot code examples for the acegi plugin, but nothing really helpful about the springsecurity core plugin.
my snippets so far:
in resources.groovy i´ve defined my beans:
beans = {
sessionRegistry(org.springframework.security.concurrent.SessionRegistryImpl)
concurrentSessionController(org.springframework.security.concurrent.ConcurrentSessionControllerImpl) {
sessionRegistry = ref('sessionRegistry')
maximumSessions = -1
}
}
in BootStrap.groovy the begging of the init is :
class BootStrap {
def springSecurityService
def authenticationManager
def concurrentSessionController
def securityContextPersistenceFilter
def init = { servletContext ->
authenticationManager.sessionController = concurrentSessionController
...
and in Config.groovy i´ve added :
grails.plugins.springsecurity.providerNames = ['concurrentSessionController', 'daoAuthenticationProvider', 'anonymousAuthenticationProvider', 'rememberMeAuthenticationProvider']
but then as soon as the application starts (grails run-app), it crashes, when it tries to configure the SpringSecury :
...
Running Grails application..
Configuring Spring Security ...
Application context shutting down...
Application context shutdown.
limepix@turbo:~/develop/testproject$
i have configured logging for my application - the content / the last entry in my logfile is:
2011-07-11 11:19:43,071 [main] ERROR context.GrailsContextLoader - Error executing bootstraps: No bean named 'concurrentSessionController' is defined
org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'concurrentSessionController' is defined
at SpringSecurityCoreGrailsPlugin$_createBeanList_closure22.doCall(SpringSecurityCoreGrailsPlugin.groovy:648)
at SpringSecurityCoreGrailsPlugin.createBeanList(SpringSecurityCoreGrailsPlugin.groovy:648)
at SpringSecurityCoreGrailsPlugin.this$2$createBeanList(SpringSecurityCoreGrailsPlugin.groovy)
at SpringSecurityCoreGrailsPlugin$_closure4.doCall(SpringSecurityCoreGrailsPlugin.groovy:581)
at org.grails.tomcat.TomcatServer.start(TomcatServer.groovy:212)
at grails.web.container.EmbeddableServer$start.call(Unknown Source)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy:158)
at _GrailsRun_groovy$_run_closure5_closure12.doCall(_GrailsRun_groovy)
at _GrailsSettings_groovy$_run_closure10.doCall(_GrailsSettings_groovy:280)
at _GrailsSettings_groovy$_run_closure10.call(_GrailsSettings_groovy)
at _GrailsRun_groovy$_run_closure5.doCall(_GrailsRun_groovy:149)
at _GrailsRun_groovy$_run_closure5.call(_GrailsRun_groovy)
at _GrailsRun_groovy.runInline(_GrailsRun_groovy:116)
at _GrailsRun_groovy.this$4$runInline(_GrailsRun_groovy)
at _GrailsRun_groovy$_run_closure1.doCall(_GrailsRun_groovy:59)
at RunApp$_run_closure1.doCall(RunApp.groovy:33)
at gant.Gant$_dispatch_closure5.doCall(Gant.groovy:381)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy:415)
at gant.Gant$_dispatch_closure7.doCall(Gant.groovy)
at gant.Gant.withBuildListeners(Gant.groovy:427)
at gant.Gant.this$2$withBuildListeners(Gant.groovy)
at gant.Gant$this$2$withBuildListeners.callCurrent(Unknown Source)
at gant.Gant.dispatch(Gant.groovy:415)
at gant.Gant.this$2$dispatch(Gant.groovy)
at gant.Gant.invokeMethod(Gant.groovy)
at gant.Gant.executeTargets(Gant.groovy:590)
at gant.Gant.executeTargets(Gant.groovy:589)
maybe someone can point me to some docs, examples or can directly tell me, how to get the number of currently signed in users.
greeting from nuremberg, germany
limepix
Thanks for your answer! Now i got it...
The steps i took are:
Defining the beans:
import org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
import org.springframework.security.web.session.ConcurrentSessionFilter
import org.springframework.security.core.session.SessionRegistryImpl
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
beans = {
sessionRegistry(SessionRegistryImpl)
sessionAuthenticationStrategy(ConcurrentSessionControlStrategy, sessionRegistry) {
maximumSessions = -1
}
concurrentSessionFilter(ConcurrentSessionFilter){
sessionRegistry = sessionRegistry
expiredUrl = '/login/concurrentSession'
}
}
then in my controller i injected:
class SystemController {
def sessionRegistry
and the check, how many sessions are currently in use:
def sessioncount = {
def cnt = 0
sessionRegistry.getAllPrincipals().each{
cnt += sessionRegistry.getAllSessions(it, false).size()
}
render cnt
}
additional steps that must be made:
- install templates from grails (grails install-templates)
add listener to web.xml:
<listener> <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class> </listener>
and now it works!
great! :)
(now the next steps are - defining an eventlistener (when the user logs in) check the number of licenses(sessions) and permit or deny access to him. but i think that´s not that tricky... we´ll see...)
这篇关于GRAILS:如何通过spring security core插件获取当前登录用户的数量?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
