Announcement Announcement Module
Collapse
No announcement yet.
session-authentication-error-url doesn't work Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • session-authentication-error-url doesn't work

    hi,

    I'm trying to use session management to limit login acess to 1 max, but when the second user attemps to accss he's redirected to the authentication-failure-url and not to the session-authentication-error-url

    this is my config

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security-3.0.xsd">
    
    <http  access-denied-page="/index" auto-config="true"> 
    	<intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/logout" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/sessionexpired" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/sessionexceeded" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/attemptlimit"  access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/resources/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    	<intercept-url pattern="/**" access="ROLE_ADM, ROLE_PHY, ROLE_PAT" />
    	<form-login  authentication-failure-url="/loginfailed" login-page="/login" default-target-url="/dashboard" />
    	<logout logout-success-url="/logout" invalidate-session="true" />
       <session-management  session-authentication-error-url="/sessionexpired">
           <concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
    </session-management>
      </http>
    <authentication-manager>
       	<authentication-provider ref="serviceAuthentication"/>
    </authentication-manager>
    
    <beans:bean class="fr.portal.service.ServiceAuthentication"/>
    <beans:bean class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler" />
    </beans:beans>
Working...
X