Maximum concurrent users in Spring Security

问题

I am using Spring Security 3.0 in my project and I am restricting user to have maximum one session. Configuration is given below :

<security:session-management>
            <security:concurrency-control error-if-maximum-exceeded="true" max-sessions="1"/>
</security:session-management>

I want to print the custom message(not default provided by spring) when maximum sessions are reached. Please help.

Thanks in advance!!

回答1:

Please keep this in your messages.properties

ConcurrentSessionControlStrategy.exceededAllowed=This account is already using by someone.

it will display "This account is already using by someone." you can give what ever you want.

Also don't forget to config Resourcebundle

回答2:

expired-url should be what you require. In the configuration for spring security

<security:concurrent-session-control
  max-sessions="1" exception-if-maximum-exceeded="true" expired-url="/loginform.do" />

also add following listener in web.xml.

org.springframework.security.web.session.HttpSessionEventPublisher

回答3:

spring-security-3.2.0 , message.properties :

ConcurrentSessionControlAuthenticationStrategy.exceededAllowed = Maximum sessions of {0} for this principal exceeded

来源：https://stackoverflow.com/questions/8678275/maximum-concurrent-users-in-spring-security

标签

java

Spring

spring-security

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!