如何在每次创建会话时初始化应用程序 因为我面临的问题是 当一个用户登录我的应用程序时,会创建新会话 当另一个用户尝试在同一时间登录时,他看到第一个用户已登录,我需要知道如何为第二个用户初始化App而两个用户之间没有任何冲突 我的班级是
@Component
public class MyHttpSessionEventPublisher extends HttpSessionEventPublisher {
@Autowired
LoginBean loginBean;
@Override
public void sessionCreated(HttpSessionEvent event) {
super.sessionCreated(event);
event.getSession().getId();
// loginBean.setLoginDao(null);
System.out.println("Session id is : "+ event.getSession().getId());
System.out.println(">>>>>>>>>>>>>>>>>>>>>>> session created <<<<<<<<<<<<<<<<<<<<<<<<<");
}
@Override
public void sessionDestroyed(HttpSessionEvent event) {
//do something
super.sessionDestroyed(event);
System.out.println(">>>>>>>>>>>>>>>>>>>>>>> session destroyed <<<<<<<<<<<<<<<<<<<<<<<<<");
}
}
任何帮助请 Web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<!-- Add Support for Spring -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>
<!-- This Listener for listening on creating new session -->
<listener>
<listener-class>main.com.zc.attSys.security.beans.MyHttpSessionEventPublisher</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<!-- <context-param> <param-name>primefaces.THEME</param-name> <param-value>none</param-value>
</context-param> -->
<!-- This Part for Spring security Configurations -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<!-- This Part for removing session id from URl
<filter>
<filter-name>URLSessionFilter</filter-name>
<filter-class>main.com.zc.attSys.security.beans.URLSessionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>URLSessionFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml
/WEB-INF/applicationContext-security.xml
</param-value>
</context-param>
<session-config>
<session-timeout>1</session-timeout>
</session-config>
</web-app>
applicationContext-Security.xml是
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<context:property-placeholder location="classpath:resources/jdbc.properties" />
<!-- For Spring auto wiring -->
<tx:annotation-driven />
<context:annotation-config />
<context:component-scan base-package="main.com.zc.attSys" />
<tx:annotation-driven transaction-manager="hibernateTransactionManager" />
<http auto-config='true'>
<!-- <intercept-url pattern="/**" access="ROLE_USER"/> -->
<form-login username-parameter="Mail" password-parameter="Password"
login-page="/pages/courseFeedBack/ask/login.xhtml"
login-processing-url="/home.xhtml"
always-use-default-target="true"
authentication-failure-url="/pages/courseFeedBack/ask/login.xhtml"
/>
</http>
<!-- <authentication-manager> <authentication-provider> <user-service> <user
name="joseph" password="bagnes" authorities="Admin, User"/> <user name="bernabe"
password="jose" authorities="User"/> </user-service> </authentication-provider>
</authentication-manager> -->
<beans:bean id="daoAuthenticationProvider"
class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="userDetailsService"></beans:property>
</beans:bean>
<beans:bean id="authenticationManager"
class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="daoAuthenticationProvider" />
</beans:list>
</beans:property>
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService">
</authentication-provider>
</authentication-manager>
</beans:beans>
答案 0 :(得分:1)
为了允许多个用户同时使用相同的用户名登录,我们可以使用http元素的并发控制功能,请参阅in the docs page 15:
<http>
<session-management>
<concurrency-control max-sessions=2 />
</session-management>
</http>
通过将此添加到web.xml来注意常见的陷阱,否则并发登录将不起作用:
<listener>
<listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
</listener>
有关相关常见问题,请参阅此FAQ。