Concurrent Session Problem

**tsolak** · Mar 13th, 2006, 07:33 AM

http://forum.springframework.org/sho...4785#post44785

**anand1975** · Jul 18th, 2007, 09:36 AM

Originally Posted by adrury

It seems like ConcurrentSessionFilter has not effect tin 1.0.0-RC2. Or am I doing something wrong?

Code:

<!-- filter chain -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
        <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
               /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,concurrentSessionFilter,filterInvocationInterceptor
        </value>
    </property>
</bean>

<!-- fifth item in chain: ConcurrentSessionFilter -->
<bean id="concurrentSessionFilter" class="org.acegisecurity.concurrent.ConcurrentSessionFilter">
    <property name="sessionRegistry"><ref local="sessionRegistry"/></property>
    <property name="expiredUrl"><value>/</value></property>
</bean>
<bean id="sessionRegistry" class="org.acegisecurity.concurrent.SessionRegistryImpl"/>

<!-- ConcurrentSessionController -->
<bean id="concurrentSessionController" class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl">
    <property name="maximumSessions"><value>1</value></property>
    <property name="sessionRegistry"><ref local="sessionRegistry"/></property>
</bean>

ConcurrentSessionfilter should the first in the filter chain proxy. Refer the documntation. It is better to provide a jsp for the session expiredURL property.

The previous session will be expired but not the current session make a note of it.

Regards
Anand

Thread: Concurrent Session Problem

Thread Tools

Display

Posting Permissions