Session Related problem in Spring Security 3.1.0 RC3

**Prasi** · Dec 20th, 2011, 05:58 AM

Hi All,
we are using spring security 3.1.0 RC3. Our security-context.xml, looks like below

Code:

<security:form-login login-page="/login.jsp"
			login-processing-url="/loginProcess" default-target-url="/mainLayout.htm"
			authentication-failure-url="/login.jsp?login_error=1"
			always-use-default-target="true" />
		<security:logout logout-url="/logout"
			logout-success-url="/logout_page.jsp" />
		<security:session-management
			session-authentication-strategy-ref="sas" />

<bean id="sas"
		class="com.security.authentication.ConcurrentSessionControlStrategyImpl">
		<constructor-arg name="sessionRegistry" ref="sessionRegistry" />
		<property name="exceptionIfMaximumExceeded" value="true" />
	</bean>

	<bean id="sessionRegistry"
		class="org.springframework.security.core.session.SessionRegistryImpl" />

Problem with this is, i log in using how many ever users, sessionRegistry.getAllPrincipals is always giving 1, so because of that, our concurrent login logic is failing, can anyone please let us know, where we are going wrong, or is it a known bug in Spring security 3.1.0 RC3, because, earlier we had used 3.0.5, and it was working absolutely fine.

Thread: Session Related problem in Spring Security 3.1.0 RC3

Thread Tools

Display

Session Related problem in Spring Security 3.1.0 RC3

Posting Permissions