[HELP] get All Online users with Spring Security
springSecurityContext.xml
Code:
<global-method-security secured-annotations="enabled" />
<http auto-config="true">
<form-login login-page="/login.zul"
authentication-failure-url="/login.zul?login_error=1"
default-target-url="/pages/index.zul" />
<logout logout-url="/j_spring_logout" logout-success-url="/login.zul" />
<intercept-url pattern="/pages/**" access="IS_AUTHENTICATED_REMEMBERED" />
<intercept-url pattern="/WEB-INF/pages/**" access="IS_AUTHENTICATED_REMEMBERED" />
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<session-management
session-authentication-strategy-ref="sas" />
<remember-me data-source-ref="dataSource" />
</http>
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="myUserDetailsService">
<!-- The password encoder is additonally for -->
<!-- simulating a one-time-password mechanism -->
<password-encoder ref="passwordEncoder">
<salt-source user-property="token" />
</password-encoder>
</authentication-provider>
</authentication-manager>
<beans:bean id="myUserDetailsService" class="com.evnit.fmis.policy.model.PolicyManager">
<beans:property name="userService" ref="userService" />
</beans:bean>
<beans:bean id="passwordEncoder" class="com.evnit.fmis.policy.PasswordEncoderImpl">
</beans:bean>
<beans:bean id="LoginLoggingPolicyService"
class="com.evnit.fmis.policy.LoginLoggingPolicyService" scope="session">
<beans:property name="guiLoginLoggingPolicService" ref="guiLoginLoggingPolicService" />
</beans:bean>
<aop:config>
<aop:aspect id="LoginLoggingAspect" ref="LoginLoggingPolicyService">
<aop:pointcut id="authPointcut"
expression="execution(public org.springframework.security.core.Authentication org.springframework.security.authentication.AuthenticationProvider.authenticate(org.springframework.security.core.Authentication))" />
<aop:around pointcut-ref="authPointcut" method="loginLogging" />
</aop:aspect>
</aop:config>
<beans:bean id="concurrencyFilter"
class="org.springframework.security.web.session.ConcurrentSessionFilter">
<beans:property name="sessionRegistry" ref="sessionRegistry" />
<beans:property name="expiredUrl" value="/session-expired.htm" />
</beans:bean>
<beans:bean id="myAuthFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<beans:property name="sessionAuthenticationStrategy"
ref="sas" />
<beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>
<beans:bean id="sas"
class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
<beans:constructor-arg name="sessionRegistry"
ref="sessionRegistry" />
<beans:property name="maximumSessions" value="1" />
</beans:bean>
<beans:bean id="sessionRegistry"
class="org.springframework.security.core.session.SessionRegistryImpl">
</beans:bean>
</beans:beans>
web.xml
Code:
<display-name>myzkoss</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:applicationContext-db.xml,
classpath:applicationContext-hibernate.xml,
classpath:applicationContext-guiServices.xml,
classpath:customize-applicationContext.xml,
classpath:applicationContext.xml,
classpath:springSecurityContext.xml
classpath:performance-db-logging.xml
</param-value>
</context-param>
<listener>
<display-name>Spring Context Loader</display-name>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<display-name>Spring Request Context Listener</display-name>
<listener-class>org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<description>Used to cleanup when a session is destroyed</description>
<display-name>ZK Session Cleaner</display-name>
<listener-class>org.zkoss.zk.ui.http.HttpSessionListener</listener-class>
</listener>
<servlet>
<description>The servlet loads the DSP pages.</description>
<servlet-name>dspLoader</servlet-name>
<servlet-class>org.zkoss.web.servlet.dsp.InterpreterServlet</servlet-class>
</servlet>
<servlet>
<description>ZK loader for ZUML pages</description>
<servlet-name>zkLoader</servlet-name>
<servlet-class>org.zkoss.zk.ui.http.DHtmlLayoutServlet</servlet-class>
<!-- Must. Specifies URI of the update engine (DHtmlUpdateServlet). It
must be the same as <url-pattern> for the update engine. -->
<init-param>
<param-name>update-uri</param-name>
<param-value>/zkau</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<description>The asynchronous update engine for ZK</description>
<servlet-name>auEngine</servlet-name>
<servlet-class>org.zkoss.zk.au.http.DHtmlUpdateServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>dspLoader</servlet-name>
<url-pattern>*.dsp</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>zkLoader</servlet-name>
<url-pattern>*.zul</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>zkLoader</servlet-name>
<url-pattern>*.zhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>auEngine</servlet-name>
<url-pattern>/zkau/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>login.zul</welcome-file>
<welcome-file>login.zhtml</welcome-file>
</welcome-file-list>
<distributable />
<session-config>
<session-timeout>30</session-timeout>
</session-config>
</web-app>
login app check user online =0;
Code:
@WireVariable
private SessionRegistry sessionRegistry;
userOnlineList = sessionRegistry.getAllPrincipals();// result userOnlineList = 0
