Spring Security关于用户重复登录的解决方案
网上查了好多方法,尝试很多都没有成功,说的都不是很全面,最后是这样实现的:
step1: web.xml加listener:org.springframework.security.ui.session.HttpSessionEventPublisher
step2: 实例化org.springframework.security.util.FilterChainProxy
/**=httpSessionContextIntegr ationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
注意----并不需要concurrentSessionFilter
step3: 实例化concurrentSessionController和sessionRegistry如下:
<bean id="concurrentSessionController"
/>
</property>
<property name="exceptionIfMaximumExceeded" value="true" />
</bean>
<bean id="sessionRegistry" />
注意----属性exceptionIfMaximumExceeded的value="false"的话并不能把前一个用户踢出
