Retrieve sessions with SessionRegistry

[Cerrebos]

Hello everyone,

I've seen a post about concurency control with blazeds ans spring security.
I'm currently working on a project which has the same configuration (Spring/flex) and almost the same security-config.xml.

What I want to do is create a simple SessionService, injecting SessionRegistry, to retrieve users' sessions.
I understood that to use a SessionRegistry, I must put it in the constructor of a ConcurrentSessionControlStrategy (I'm ok with that, I'm not against more control over my user session!).

The thing is that my SessionRegistry.getAllPrincipals() return an empty list (I inject it in a "SessionService" with @Resource).
The authentication is handled by blazeDS on a amf-login channel and act like a "black box" for me.

I can also retrieve my current custom UserDetails through the SecurityContextHolder, but I want to retrieve All my users' session for monitoring purpose...

I'm new to spring and flex so sorry for lacking knowledge...

Here is my security-config file, if someone find the time to have a look at it, it would be great!

Code:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:p="http://www.springframework.org/schema/p"
	xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd
		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
          
	<!--********************** 
	Security Configuration 
	************************-->
     <security:global-method-security secured-annotations="enabled" jsr250-annotations="enabled" pre-post-annotations="enabled"/>

     <security:authentication-manager alias="authenticationManager">
          <security:authentication-provider user-service-ref="authenticationUserService" >
               <security:password-encoder hash="md5"/>
          </security:authentication-provider>
     </security:authentication-manager>
  
     <security:http auto-config="true" use-expressions="true" entry-point-ref="entryPoint">
          <security:session-management session-authentication-strategy-ref="sas"/>
               <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
          </security:session-management>
     </security:http>


    <!--********************** 
	Bean declaration 
	************************-->

     <bean id="entryPoint" class="org.springframework.flex.security3.FlexAuthenticationEntryPoint"/>

     <bean id="authenticationUserService" class="my.package.AuthenticationManagerDaoImpl"> <!-- extends JdbcDaoImpl -->
          <property name="dataSource" ref="dataSource"/>
     </bean>

     <bean id="sas" class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
          <constructor-arg name="sessionRegistry" ref="sessionRegistry" />
          <property name="maximumSessions" value="1" /> 
     </bean>

     <bean id="sessionRegistry" class="org.springframework.security.core.session.SessionRegistryImpl" />

</beans>

Any help or explanation about how to use SessionRegistry with a lookalike configuration would be greatly appreciated !