Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I get the Spring Security SessionRegistry?

Tags:

java

session

spring-security

struts2

I can't seem to find how to get a reference to the Spring Security (V3) SessionRegistry inside of a Struts action.

I've configured the listener inside of my web.xml file:

<listener>
    <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>

And I've tried to use the @Autowired annotation to bring it into an action:

@Autowired
private SessionRegistry sessionRegistry;

@Override
public String execute() throws Exception {
    numberOfUsersLoggedin= sessionRegistry.getAllPrincipals().size();
    return SUCCESS;       
}

public SessionRegistry getSessionRegistry() {
    return sessionRegistry;
}

public void setSessionRegistry(SessionRegistry sessionRegistry) {
    this.sessionRegistry = sessionRegistry;
}

The http configuration looks like this:

    <session-management invalid-session-url="/public/login.do?login_error=expired"
        session-authentication-error-url="/public/login.do" 
        session-fixation-protection="newSession">
        <concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
    </session-management>

Generally I am more comfortable wiring the Spring bean myself, but not sure how this is exposed using the namespace. Each time the action executes, the session registry is null.

Can anyone point out what I am doing wrong here, or show me the way to an example?

Thanks in advance for any/all replies!

like image 869
Griff Avatar asked Oct 07 '10 22:10

Griff

People also ask

How do I install spring boot starter Security?

For adding a Spring Boot Security to your Spring Boot application, we need to add the Spring Boot Starter Security dependency in our build configuration file. Maven users can add the following dependency in the pom. xml file. Gradle users can add the following dependency in the build.

How do I log into Spring Security?

Once application up, open the http://localhost:8080/login URL in your browser. We will have the custom login page from spring security. Provide the valid credentials (which you used while registration), click on the “Sign In” button.

How do I set session timeout in Spring Security?

Spring Security Session Timeout In the case of Tomcat we can set the session timeout by configuring the maxInactiveInterval attribute on the manager element in server. xml or using the session-timeout element in web. xml. Note that the first option will affect every app that's deployed to the Tomcat instance.

1 Answers

If you are configuring Spring Security by namespace, the following attributes of concurrency-control tag can be useful for accessing SystemRegistry:

  1. session-registry-alias.
  2. session-registry-ref.

Description of each of attributes from official documentation:

session-registry-alias. It can also be useful to have a reference to the internal session registry for use in your own beans or an admin interface. You can expose the internal bean using the session-registry-alias attribute, giving it a name that you can use elsewhere in your configuration.

session-registry-ref. The user can supply their own SessionRegistry implementation using the session-registry-ref attribute. The other concurrent session control beans will be wired up to use it.

like image 69
Demwis Avatar answered Sep 23 '22 17:09

Demwis
Sign in to Comment

Related questions

StreamingResolution Stripes
Source control for a small project with few developers [duplicate]
Why are class files different size when compiling the same code in eclipse, and then with the eclipse compiler via ant?
Why method parameters needs to be set as final?
How to save excel workbook using com4j API without being prompted
JSON strings and how to handle escaped characters
Task scheduling frameworks - not thread scheduling!
JAXB + Enums + Showing Multiple Values
What is the preferred way to organize callbacks? [closed]
Hide JSP page from direct access, but how do you access to the target page?
Is there a way to protect the folder with password?
Book or reference material for UML [closed]
How to get web session on Spring AOP
Algorithm for sorting loosely comparable data?
If SOAP is now considered overengineered over REST why isn't WCF? [closed]
Eclipse ide, cannot resolve variables in newly written functions
Java Web Start - Does it work with Android?
Hibernate two tables and one object
Java memory Management for JNI
How to unit test JSON parsing

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!