Regarding Flex and Spring security

In my application there is a requirement to mantain 2 sessions per user.
But I am not able to handle it.

Here is the code


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<security:global-method-security
secured-annotations="enabled" jsr250-annotations="enabled" />

<security:http entry-point-ref="preAuthenticatedEntryPoint">
<security:anonymous enabled="false" />
<security:session-management
session-authentication-strategy-ref="sas" >

</security:session-management>
</security:http>
<bean id="preAuthenticatedEntryPoint" class="org.springframework.flex.security3.FlexAuth enticationEntryPoint" />
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="john" password="john" authorities="ROLE_USER" />
<security:user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
<security:user name="guest" password="guest" authorities="ROLE_GUEST" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>


<bean id="sas" class="com.portal.login.ConcurrentSessionControlSt rategyImpl">
<constructor-arg name="sessionRegistry" ref="sessionRegistry">
</constructor-arg>
<property name="exceptionIfMaximumExceeded" value="true" />
</bean>

<bean id="sessionRegistry"
class="org.springframework.security.core.session.S essionRegistryImpl" />

</beans>

package com.portal.login;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionR egistry;
import org.springframework.security.web.authentication.se ssion.ConcurrentSessionControlStrategy;
/**
* @author PK0041117
*
*/
public class ConcurrentSessionControlStrategyImpl extends
ConcurrentSessionControlStrategy
{

/**
* @param sessionRegistry
*/
public ConcurrentSessionControlStrategyImpl(SessionRegist ry sessionRegistry) {
super(sessionRegistry);
System.out.println("it is here..");
}

/* (non-Javadoc)
* @see org.springframework.security.web.authentication.se ssion.ConcurrentSessionControlStrategy#getMaximumS essionsForThisUser(org.springframework.security.co re.Authentication)
*/
@Override
protected final int getMaximumSessionsForThisUser(Authentication authentication) {
System.out.println("Authentication Object is:"+authentication);
String username = authentication.getName();
System.out.println("Getting Maximum session for the user:"+username);
return 2;

}
}



I am using blazeds-turnkey-4.0.1.21287
and spring-flex-core-1.5.2.RELEASE.jar

It is accpeting login for specified username and password.
But I am not able to get the number of concurrent sessions for the user.
Please help me if anybody has done similar kind of configuartion.

Regards,
Salini

Web.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>

<display-name>BlazeDS Spring Integration Application</display-name>
<description>BlazeDS Spring Integration Application</description>

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/*-config.xml
</param-value>
</context-param>

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFil terProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
<listener-class>flex.messaging.HttpFlexSession</listener-class>
</listener>

<listener>
<listener-class>org.springframework.web.context.ContextLoade rListener</listener-class>
</listener>

<servlet>
<servlet-name>flex</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherSe rvlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>


<servlet-mapping>
<servlet-name>flex</servlet-name>
<url-pattern>/messagebroker/*</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
</welcome-file-list>

</web-app>


Flex-Servlet.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:flex="http://www.springframework.org/schema/flex"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.0.xsd
http://www.springframework.org/schema/flex
http://www.springframework.org/schema/flex/spring-flex-1.0.xsd">

<flex:message-broker>
<flex:message-service
default-channels="my-streaming-amf,my-longpolling-amf,my-polling-amf," />
<flex:secured/>
</flex:message-broker>

<bean id="frontcontroller" class="com.portal.controller.FrontController" >
<flex:remoting-destination />
</bean>

</beans>


Services-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<services-config>

<services>
<service-include file-path="remoting-config.xml" />
<service-include file-path="proxy-config.xml" />
<service-include file-path="messaging-config.xml" />
<default-channels>
<channel ref="my-amf"/>
</default-channels>
</services>

<security>
<login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/>
<!-- Uncomment the correct app server
<login-command class="flex.messaging.security.TomcatLoginCommand" server="JBoss">
<login-command class="flex.messaging.security.JRunLoginCommand" server="JRun"/>
<login-command class="flex.messaging.security.WeblogicLoginComman d" server="Weblogic"/>
<login-command class="flex.messaging.security.WebSphereLoginComma nd" server="WebSphere"/>
-->

<!--
<security-constraint id="basic-read-access">
<auth-method>Basic</auth-method>
<roles>
<role>guests</role>
<role>accountants</role>
<role>employees</role>
<role>managers</role>
</roles>
</security-constraint>
-->
</security>

<channels>

<channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel">
<endpoint url="http://localhost:80/Tool_V7_Server/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
</channel-definition>

<channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel">
<endpoint url="https://localhost:80/Tool_V7_Server/messagebroker/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>

<channel-definition id="my-polling-amf" class="mx.messaging.channels.AMFChannel">
<endpoint url="http://localhost:80/Tool_V7_Server/messagebroker/amfpolling" class="flex.messaging.endpoints.AMFEndpoint"/>
<properties>
<polling-enabled>true</polling-enabled>
<polling-interval-seconds>4</polling-interval-seconds>
</properties>
</channel-definition>

<!--
<channel-definition id="my-http" class="mx.messaging.channels.HTTPChannel">
<endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/http" class="flex.messaging.endpoints.HTTPEndpoint"/>
</channel-definition>

<channel-definition id="my-secure-http" class="mx.messaging.channels.SecureHTTPChannel">
<endpoint url="https://{server.name}:{server.port}/{context.root}/messagebroker/httpsecure" class="flex.messaging.endpoints.SecureHTTPEndpoint "/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>
-->
</channels>

<logging>
<target class="flex.messaging.log.ConsoleTarget" level="Error">
<properties>
<prefix>[BlazeDS] </prefix>
<includeDate>false</includeDate>
<includeTime>false</includeTime>
<includeLevel>false</includeLevel>
<includeCategory>false</includeCategory>
</properties>
<filters>
<pattern>Endpoint.*</pattern>
<pattern>Service.*</pattern>
<pattern>Configuration</pattern>
</filters>
</target>
</logging>

<system>
<redeploy>
<enabled>false</enabled>
<!--
<watch-interval>20</watch-interval>
<watch-file>{context.root}/WEB-INF/flex/services-config.xml</watch-file>
<watch-file>{context.root}/WEB-INF/flex/proxy-config.xml</watch-file>
<watch-file>{context.root}/WEB-INF/flex/remoting-config.xml</watch-file>
<watch-file>{context.root}/WEB-INF/flex/messaging-config.xml</watch-file>
<watch-file>{context.root}/WEB-INF/flex/data-management-config.xml</watch-file>
<touch-file>{context.root}/WEB-INF/web.xml</touch-file>
-->
</redeploy>
</system>

</services-config>


remoting-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<service id="remoting-service"
class="flex.messaging.services.RemotingService">

<adapters>
<adapter-definition id="java-object" class="flex.messaging.services.remoting.adapters.J avaAdapter" default="true"/>
</adapters>

<default-channels>
<channel ref="my-amf"/>
</default-channels>

</service>

MXML File

<?xml version="1.0" encoding="utf-8"?>
<s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
xmlns:s="library://ns.adobe.com/flex/spark"
xmlns:mx="library://ns.adobe.com/flex/mx" creationComplete="initApp();">

<fx:Script>

<![CDATA[
import mx.controls.Alert;
import mx.controls.ToolTip;
import mx.events.ValidationResultEvent;
import mx.managers.ToolTipManager;
import mx.messaging.messages.ErrorMessage;
import mx.rpc.AsyncResponder;
import mx.rpc.AsyncToken;
import mx.rpc.events.FaultEvent;
import mx.rpc.events.ResultEvent;
private function initApp():void {
ToolTipManager.enabled = true;// Optional. Default value is true.
ToolTipManager.showDelay = 0;// Display immediately.
ToolTipManager.hideDelay = 3000; // Hide after 3 seconds of being viewed.
}

private function handleFault(event:FaultEvent, o:Object=null):void {
error.text = event.fault.faultString;
}
private function handleResult(event:ResultEvent, o:Object=null):void {
error.text = event.result.faultString;
}

protected function handleLogin():void
{
var token:AsyncToken = login.login(t1.text, t2.text);
token.addResponder(
new AsyncResponder(
function(evt:ResultEvent, token:Object = null):void {
//showMessage(event.result.toString());
Alert.show("Login Success: "+evt.type);
},
function(event:FaultEvent, token:Object = null):void {
Alert.show("Login Failed: "+event.fault.faultString);
}
)
);
}

protected function showMessage(str:String):void
{
/* outputTxt.text = "You have successfully logged into a Flex Spring secured destination and are able to use the data.";
*/ }

protected function ro_faultHandler(event:FaultEvent):void
{
Alert.show(event.fault.faultString, "Alert!");
}




// Event listener for the valid and invalid events.
private function handleValid(evt:ValidationResultEvent):void {
if (evt.type == ValidationResultEvent.VALID) {
// Enable Submit button.
submitButton.enabled = true;
} else {
submitButton.enabled = false;
}
}

]]>
</fx:Script>
<fx:Declarations>
<mx:Validator id="reqValid" required="true"
source="{t1}" property="text"
valid="handleValid(event)"
invalid="handleValid(event);" />
<fx:Boolean id="loggedIn">false</fx:Boolean>
<s:RemoteObject id="ro"
destination="testSpring"
fault="Alert.show(event.fault.faultString);">
<s:channelSet >
<s:ChannelSet id="login">
<s:AMFChannel uri="/Tool_V7_Server/messagebroker/amf"/>
</s:ChannelSet>
</s:channelSet>
</s:RemoteObject>
</fx:Declarations>
<s:VGroup verticalAlign="bottom" horizontalAlign="right" width="100%" height="100%" paddingBottom="100" paddingRight="100">
<s:Spacer width="100%"/>
<s:BorderContainer x="441" y="349" width="415" height="121" backgroundColor="0xE5E1E1"
borderColor="0x494949" cornerRadius="10">
<s:backgroundFill>
<s:LinearGradient rotation="90">
<s:GradientEntry color="0xCCCDDD"/>
<s:GradientEntry color="0xCCCCCC"/>
</s:LinearGradient>
</s:backgroundFill>
<s:VGroup gap="20" paddingLeft="10" width="100%" >
<s:VGroup width="100%">
</s:VGroup>
<s:Label textAlign="left" text="Login">
</s:Label>
<s:VGroup width="370" height="45">
<s:VGroup width="100%">
<s:HGroup paddingLeft="10" >
<s:TextInput prompt="username" id="t1" fontWeight="normal" toolTip="Username cannot be empty" text=""
/>

<s:TextInput fontWeight="normal" id="t2" displayAsPassword="true" toolTip="Username cannot be empty" prompt="password" text=""/>
<s:Label id="error"/>
<s:Button id="submitButton" x="336" y="36" label="Login" toolTip="Click the button to login" chromeColor="#090808" color="#F5EBEB" enabled="{!loggedIn}" click="handleLogin()" >
<!--<s:click>
ro.channelSet.login('john', 'john').addResponder(new AsyncResponder(
function(result:ResultEvent, o:Object):void {
loggedIn = true;
l.text = "logged in";toolTip="Click the button to login"
}, handleFault));
</s:click>-->
</s:Button>

</s:HGroup>
</s:VGroup>
<s:VGroup width="100%" verticalAlign="middle" horizontalAlign="center">
<s:Label color="#000000" text="Forgot Password" textDecoration="underline"/>
</s:VGroup>

<!--<s:TextArea id="outputTxt" height="100%" width="100%"/>-->

</s:VGroup>
<s:Spacer width="10"/>
</s:VGroup>
</s:BorderContainer>
</s:VGroup>
</s:Application>