Evaluate value ({0}) from acegi message.properties

**olav78** · Jan 22nd, 2007, 08:04 AM

Hello!

When I try to log in to my system when I'm already logged in I get this message “Maximum sessions of {0} for this principal exceeded”. The attribute do not evaluate to 1 (for example) and shows ugly “{0}”. Anyone knows what I am doing wrong?

Here's my applicationContext-security.xml (i'm using Spring):

Code:

<?xml version="1.0" encoding="ISO-8859-1"?>

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

  <!-- ======================== FILTER CHAIN ======================= -->

  <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
      <value>
        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        PATTERN_TYPE_APACHE_ANT
        /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,anonymousProcessingFilter,concurrentSessionFilter,exceptionTranslationFilter,filterInvocationInterceptor
      </value>
    </property>
  </bean>

  <!-- ======================== AUTHENTICATION ======================= -->

  <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
    <property name="providers">
      <list>
        <ref local="daoAuthenticationProvider"/>
        <ref local="anonymousAuthenticationProvider"/>
      </list>
    </property>
    <property name="sessionController"><ref local="concurrentSessionController"/></property>
  </bean>

  <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
    <property name="dataSource"><ref bean="dataSource"/></property>
  </bean>

  <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.ShaPasswordEncoder"/>

  <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
    <property name="userDetailsService"><ref bean="userManager"/></property>
    <property name="userCache"><ref local="userCache"/></property>
    <property name="passwordEncoder"><ref local="passwordEncoder"/></property>
  </bean>

  <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>

  <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
    <property name="cacheManager">
      <ref local="cacheManager"/>
    </property>
    <property name="cacheName">
      <value>userCache</value>
    </property>
  </bean>

  <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
    <property name="cache"><ref local="userCacheBackend"/></property>
  </bean>

  <!-- Automatically receives AuthenticationEvent messages -->
  <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>

  <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
    <property name="key"><value>foobar</value></property>
    <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
  </bean>

  <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
    <property name="key"><value>foobar</value></property>
  </bean>

  <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
  </bean>

  <!-- ===================== HTTP REQUEST SECURITY ==================== -->

  <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
    <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
  </bean>

  <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
    <property name="authenticationFailureUrl"><value>/login.html?login_error=1</value></property>
    <property name="defaultTargetUrl"><value>/</value></property>
    <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
  </bean>

  <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    <property name="loginFormUrl"><value>/login.html</value></property>
    <property name="forceHttps"><value>false</value></property>
  </bean>

  <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
    <property name="allowIfAllAbstainDecisions"><value>false</value></property>
    <property name="decisionVoters">
      <list>
        <ref local="roleVoter"/>
      </list>
    </property>
  </bean>

  <!-- An access decision voter that reads ROLE_* configuration settings -->
  <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>

  <!-- Note the order that entries are placed against the objectDefinitionSource is critical.
      The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
      Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
  <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
    <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
    <property name="objectDefinitionSource">
      <value>
        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        PATTERN_TYPE_APACHE_ANT
        /admin/**=ROLE_ADMIN
        /**=ROLE_USER
      </value>
    </property>
  </bean>

  <!-- ===================== Session Management ==================== -->

  <bean id="concurrentSessionFilter" class="org.acegisecurity.concurrent.ConcurrentSessionFilter">
    <property name="expiredUrl"><value>/login.html</value></property>
    <property name="sessionRegistry"><ref local="sessionRegistry"/></property>
  </bean>

  <bean id="concurrentSessionController" class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl">
    <property name="maximumSessions"><value>1</value></property>
    <property name="exceptionIfMaximumExceeded"><value>true</value></property>
    <property name="sessionRegistry"><ref local="sessionRegistry"/></property>
  </bean>

  <bean id="sessionRegistry" class="org.acegisecurity.concurrent.SessionRegistryImpl"/>

</beans>

Here's the relevant code for my login.jsp:

Code:

<c:if test="${not empty param.login_error}">
  <span id="error">
    <fmt:message key="login.notSuccessful"/><BR><BR>
    <fmt:message key="login.reason"/>: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
  </span>
</c:if>

**karldmoore** · Jan 22nd, 2007, 08:13 AM

I would guess this is something to do with the MessageSource in ConcurrentSessionControllerImpl. It can't find the message properties in the bundle and so defaults to the passed in String.

Code:

        if (exceptionIfMaximumExceeded || (sessions == null)) {
            throw new ConcurrentLoginException(messages.getMessage("ConcurrentSessionControllerImpl.exceededAllowed",
                    new Object[] {new Integer(allowableSessions)}, "Maximum sessions of {0} for this principal exceeded"));
        }

http://www.springframework.org/docs/...a.lang.String)

**olav78** · Jan 23rd, 2007, 03:31 AM

yep, that's true, it defaults to the passed in String. Thank you for the help.

I've done it like this now:

Code:

<c:if test="${not empty param.login_error}">
  <span id="error">
    <fmt:message key="login.notSuccessful"/><BR><BR>
    <fmt:message key="login.reason"/>: 
    <% if(((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)) instanceof BadCredentialsException) { %>
    	<fmt:message key="AbstractUserDetailsAuthenticationProvider.badCredentials"/>
    <% }
       else if(((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)) instanceof ConcurrentLoginException) { %>
    <fmt:message key="ConcurrentSessionControllerImpl.exceededAllowed" >
    	<fmt:param value="1"/>
    </fmt:message>
    <% }
       else {
         ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage();
       }
    %>
       
  </span>
</c:if>

Not very elegant, and the problem is that the message "Maximum sessions of 1 for this principal exceeded" always shows up (if the maximum sessions is reached) even if the maximumSessionForThisUser-value is higher than 1. I can't figure out how to get the maximumSessionForThisUser-value... getMaximumSessionForThisUser in ConcurrentSessionControllerImpl is protected

**karldmoore** · Jan 23rd, 2007, 03:33 AM

You shouldn't have to do this. The default message is only used if it can't resolve the property. Have you configured any other MessageSource that might be causing this problem?

**olav78** · Jan 23rd, 2007, 03:47 AM

yeah, i have, maybe i should've pointed that out earlier

is it a problem?

Code:

  <bean id="messageSource" 
  		class="org.springframework.context.support.ResourceBundleMessageSource">
	<property name="basenames">
      <list>
        <value>messages</value>
        <value>org/acegisecurity/messages</value>
      </list>
    </property>
  </bean>

Thread: Evaluate value ({0}) from acegi message.properties

Thread Tools

Display

Evaluate value ({0}) from acegi message.properties

Posting Permissions