如何获取 Spring Security SessionRegistry?
我似乎无法找到如何在 Struts 操作中获取对 Spring Security (V3) SessionRegistry 的引用。
我已经在 web.xml 文件中配置了侦听器:
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
我尝试使用 @Autowired 注释将其带入操作中:
@Autowired
private SessionRegistry sessionRegistry;
@Override
public String execute() throws Exception {
numberOfUsersLoggedin= sessionRegistry.getAllPrincipals().size();
return SUCCESS;
}
public SessionRegistry getSessionRegistry() {
return sessionRegistry;
}
public void setSessionRegistry(SessionRegistry sessionRegistry) {
this.sessionRegistry = sessionRegistry;
}
http 配置如下所示:
<session-management invalid-session-url="/public/login.do?login_error=expired"
session-authentication-error-url="/public/login.do"
session-fixation-protection="newSession">
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
</session-management>
一般来说,我自己更愿意自己连接 Spring bean,但不确定如何使用名称空间公开它。每次执行操作时,会话注册表都为空。
谁能指出我在这里做错了什么,或者向我展示示例的方法?
预先感谢您的任何/所有回复!
I can't seem to find how to get a reference to the Spring Security (V3) SessionRegistry inside of a Struts action.
I've configured the listener inside of my web.xml file:
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
And I've tried to use the @Autowired annotation to bring it into an action:
@Autowired
private SessionRegistry sessionRegistry;
@Override
public String execute() throws Exception {
numberOfUsersLoggedin= sessionRegistry.getAllPrincipals().size();
return SUCCESS;
}
public SessionRegistry getSessionRegistry() {
return sessionRegistry;
}
public void setSessionRegistry(SessionRegistry sessionRegistry) {
this.sessionRegistry = sessionRegistry;
}
The http configuration looks like this:
<session-management invalid-session-url="/public/login.do?login_error=expired"
session-authentication-error-url="/public/login.do"
session-fixation-protection="newSession">
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
</session-management>
Generally I am more comfortable wiring the Spring bean myself, but not sure how this is exposed using the namespace. Each time the action executes, the session registry is null.
Can anyone point out what I am doing wrong here, or show me the way to an example?
Thanks in advance for any/all replies!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您按命名空间配置 Spring Security,则 concurrency-control 标记的以下属性对于访问 SystemRegistry 非常有用:
官方文档中各个属性的说明:
If you are configuring Spring Security by namespace, the following attributes of concurrency-control tag can be useful for accessing SystemRegistry:
Description of each of attributes from official documentation:
不确定您是否参考过 会话管理Spring Security 参考文档中的 部分。它有一个组合命名空间和自定义 bean 的片段。
Not sure if you have referred to Session Management section in Spring Security reference documentation. It has a snippet combining namespace and custom beans.