Announcement Announcement Module
No announcement yet.
Retrieve sessions with SessionRegistry Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Retrieve sessions with SessionRegistry

    Hello everyone,

    I've seen a post about concurency control with blazeds ans spring security.
    I'm currently working on a project which has the same configuration (Spring/flex) and almost the same security-config.xml.

    What I want to do is create a simple SessionService, injecting SessionRegistry, to retrieve users' sessions.
    I understood that to use a SessionRegistry, I must put it in the constructor of a ConcurrentSessionControlStrategy (I'm ok with that, I'm not against more control over my user session!).

    The thing is that my SessionRegistry.getAllPrincipals() return an empty list (I inject it in a "SessionService" with @Resource).
    The authentication is handled by blazeDS on a amf-login channel and act like a "black box" for me.

    I can also retrieve my current custom UserDetails through the SecurityContextHolder, but I want to retrieve All my users' session for monitoring purpose...

    I'm new to spring and flex so sorry for lacking knowledge...

    Here is my security-config file, if someone find the time to have a look at it, it would be great!

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns=""
    	Security Configuration 
         <security:global-method-security secured-annotations="enabled" jsr250-annotations="enabled" pre-post-annotations="enabled"/>
         <security:authentication-manager alias="authenticationManager">
              <security:authentication-provider user-service-ref="authenticationUserService" >
                   <security:password-encoder hash="md5"/>
         <security:http auto-config="true" use-expressions="true" entry-point-ref="entryPoint">
              <security:session-management session-authentication-strategy-ref="sas"/>
                   <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
    	Bean declaration 
         <bean id="entryPoint" class="org.springframework.flex.security3.FlexAuthenticationEntryPoint"/>
         <bean id="authenticationUserService" class="my.package.AuthenticationManagerDaoImpl"> <!-- extends JdbcDaoImpl -->
              <property name="dataSource" ref="dataSource"/>
         <bean id="sas" class="">
              <constructor-arg name="sessionRegistry" ref="sessionRegistry" />
              <property name="maximumSessions" value="1" /> 
         <bean id="sessionRegistry" class="" />
    Any help or explanation about how to use SessionRegistry with a lookalike configuration would be greatly appreciated !
    Last edited by Cerrebos; Apr 28th, 2012, 05:57 AM.