Announcement Announcement Module
Collapse
No announcement yet.
Session Related problem in Spring Security 3.1.0 RC3 Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Session Related problem in Spring Security 3.1.0 RC3

    Hi All,
    we are using spring security 3.1.0 RC3. Our security-context.xml, looks like below
    Code:
    <security:form-login login-page="/login.jsp"
    			login-processing-url="/loginProcess" default-target-url="/mainLayout.htm"
    			authentication-failure-url="/login.jsp?login_error=1"
    			always-use-default-target="true" />
    		<security:logout logout-url="/logout"
    			logout-success-url="/logout_page.jsp" />
    		<security:session-management
    			session-authentication-strategy-ref="sas" />
    
    <bean id="sas"
    		class="com.security.authentication.ConcurrentSessionControlStrategyImpl">
    		<constructor-arg name="sessionRegistry" ref="sessionRegistry" />
    		<property name="exceptionIfMaximumExceeded" value="true" />
    	</bean>
    
    	<bean id="sessionRegistry"
    		class="org.springframework.security.core.session.SessionRegistryImpl" />
    Problem with this is, i log in using how many ever users, sessionRegistry.getAllPrincipals is always giving 1, so because of that, our concurrent login logic is failing, can anyone please let us know, where we are going wrong, or is it a known bug in Spring security 3.1.0 RC3, because, earlier we had used 3.0.5, and it was working absolutely fine.
Working...
X