Hi
Iam trying to redirect to a particular JSP on sessionexpired using concurrentsessionfilter but it is not effecting the application at all.
It is using the Login.jsp throwing a AuthenticationCredentialsNotFoundException.
Can you tell me why?
Member
problem with concurrent sesison filter
Hi
Iam trying to redirect to a particular JSP on sessionexpired using concurrentsessionfilter but it is not effecting the application at all.
It is using the Login.jsp throwing a AuthenticationCredentialsNotFoundException.
Can you tell me why?
Member
Can anybody answer my question y am I unable to go to the ExpiredURL.jsp page given at the ExpiredURL property in org.acegisecurity.concurrent.ConcurrentSessionFilt er.
Please somebody reply my question.
Member
Please i need help regarding this issue .
Ben can you help me
Member
Can you give us your security config file? I'm really new to this but was able to get the concurrent session stuff working OK.
Member
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=concurrentSessionFilter, httpSessionIntegrationFilter,authenticationProcess ingFilter,exceptionTranslationFilter, expiredPassWordFilter, filterInvocationInterceptor
</value>
</property>
</bean>
<bean id="httpSessionIntegrationFilter" class="org.acegisecurity.context.HttpSessionContex tIntegrationFilter">
<property name="context">
<value>org.acegisecurity.context.SecurityContextIm pl</value>
</property>
</bean>
<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/LoginPage.do</value>
</property>
<property name="defaultTargetUrl">
<value>/secure/Welcome.do</value>
</property>
<property name="alwaysUseDefaultTargetUrl">
<value>false</value>
</property>
<property name="filterProcessesUrl">
<value>/secure/j_acegi_security_check</value>
</property>
<property name="exceptionMappings">
<props>
<prop key="org.acegisecurity.BadCredentialsException">/BadCredentialsPage.do</prop>
<prop key="org.acegisecurity.userdetails.UsernameNotFoun dException">/UserNameNotFoundPage.do</prop>
<prop key="org.acegisecurity.AuthenticationCredentialsNo tFoundException">/SessionExpired.do</prop>
</props>
</property>
</bean>
<bean id="concurrentSessionFilter" class="org.acegisecurity.concurrent.ConcurrentSess ionFilter">
<property name="sessionRegistry">
<ref local="sessionRegistry" />
</property>
<property name="expiredUrl">
<value>/LoginPage.do</value>
</property>
</bean>
<bean id="sessionRegistry" class="org.acegisecurity.concurrent.SessionRegistr yImpl" />
<bean id="expiredPassWordFilter" class="com.starwood.svo.ice.security.filter.PassWo rdFilter" abstract="false" singleton="true" lazy-init="default" autowire="default" dependency-check="default">
<property name="securityService">
<ref local="mySecurityService" />
</property>
<property name="passwordChangeUrl">
<value>/secure/security/PasswordExpired.do</value>
</property>
</bean>
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager ">
<property name="providers">
<list>
<ref bean="daoAuthenticationProvider"/>
</list>
</property>
</bean>
<bean id ="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenti cationProvider">
<property name="userDetailsService">
<ref local="mySecurityService"/>
</property>
</bean>
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFi lter">
<property name="authenticationEntryPoint">
<ref bean="authenticationEntryPoint"/>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecur ityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="objectDefinitionSource">
<ref bean = "myICEFilterDefinitionSource"/>
</property>
</bean>
<bean id ="myICEFilterDefinitionSource" class ="com.starwood.svo.ice.security.ICEFilterInvocatio nDefinitionSourceImpl">
<property name="securityService">
<ref local="mySecurityService"/>
</property>
</bean>
<bean id="loginListener"
class="com.starwood.svo.ice.util.LoginListener">
<property name="securityService">
<ref local="mySecurityService"/>
</property>
</bean>
<bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
<bean id="accessDecisionManager" class="org.acegisecurity.vote.ConsensusBased">
<property name="allowIfAllAbstainDecisions">
<value>true</value>
</property>
<property name="decisionVoters">
<list>
<ref local="roleVoter"/>
</list>
</property>
</bean>
<bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationP rocessingFilterEntryPoint">
<property name="loginFormUrl">
<value>/Login.jsp</value></property>
<property name="forceHttps"><value>false</value></property>
</bean>
<!-- ========================= OTHER ================================================== -->
<bean id="messageSource" class="org.springframework.context.support.Resourc eBundleMessageSource">
<property name="basename"><value>messages</value></property>
</bean>
</beans>
this is my security config file. let mek now if there are any errors. It would be of a great help to me
Member
The esceptionTranslation filter is redirecting it to Login.jsp page rather than taking it to the ConcurrentSessionFilter
Member
It looks like you have a couple of things missing, at least when I compare to my config. Relevant portions of mine are below. I highlighted the things I have but you don't.
You also need to have the session event publisher setup in your web.xml.Code:<!-- concurrent session control --> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=channelProcessingFilter,concurrentSessionFilter,httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor </value> </property> </bean> <bean id="concurrentSessionController" class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl"> <property name="maximumSessions"><value>1</value></property> <property name="sessionRegistry"><ref local="sessionRegistry"/></property> </bean> <bean id="concurrentSessionFilter" class="org.acegisecurity.concurrent.ConcurrentSessionFilter"> <property name="sessionRegistry"><ref local="sessionRegistry"/></property> <property name="expiredUrl"><value>/expiredSession.jsp</value></property> </bean> <bean id="sessionRegistry" class="org.acegisecurity.concurrent.SessionRegistryImpl"/>
Code:<listener> <description> Used by Acegi ConcurrentSessionFilter</description> <display-name> HttpSessionEventPublisher</display-name> <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> </listener>
Member
Did this help?
Member
Yeah it did help me.
I am sorry for not replying and also Thanks for the same.
Posting Permissions
