List of usage examples for org.springframework.security.core.session SessionInformation getLastRequest
public Date getLastRequest()
From source file:com.rockagen.gnext.service.spring.security.extension.BasicConcurrentSessionControlStrategy.java
/** * Allowable sessions exceeded./*from w w w .ja v a 2 s . co m*/ * * @param sessions * the sessions * @param allowableSessions * the allowable sessions * @param sameIp * the same ip * @param registry * the registry * @throws SessionAuthenticationException * the session authentication exception */ protected void allowableSessionsExceeded(java.util.List<SessionInformation> sessions, int allowableSessions, boolean sameIp, SessionRegistry registry) throws SessionAuthenticationException { // new IP handle if (!sameIp) { // deny login if exceptionIfMaximumExceeded if (exceptionIfMaximumExceeded || (sessions == null)) { throw new SessionAuthenticationException( messages.getMessage("ConcurrentSessionControllerImpl.exceededAllowed", new Object[] { Integer.valueOf(allowableSessions) }, "Maximum sessions of {0} for this principal exceeded")); } } // Determine least recently used session, and mark it for invalidation SessionInformation leastRecentlyUsed = null; for (int i = 0; i < sessions.size(); i++) { if ((leastRecentlyUsed == null) || sessions.get(i).getLastRequest().before(leastRecentlyUsed.getLastRequest())) { leastRecentlyUsed = sessions.get(i); } } if (sessions.size() > allowableSessions && !sameIp) { BasicPrincipal basicPrincipal = (BasicPrincipal) leastRecentlyUsed.getPrincipal(); for (int i = 0; i < sessions.size(); i++) { if (sessions.get(i).getPrincipal().equals(leastRecentlyUsed.getPrincipal())) { if (basicPrincipal.equalsIp((BasicPrincipal) (sessions.get(i).getPrincipal()))) { sessions.get(i).expireNow(); } } } leastRecentlyUsed.expireNow(); } else if (!sameIp) { leastRecentlyUsed.expireNow(); } else { // TODO } }
From source file:com.rr.wabshs.ui.controller.mainController.java
/** * The '/loginfailed' request will serve up the login page displaying the login failed error message * * @param request/*w w w .j av a 2 s .c om*/ * @param response * @return the error object and the login page view * @throws Exception */ @RequestMapping(value = "/loginfailed", method = RequestMethod.GET) public ModelAndView loginerror(HttpServletRequest request, HttpServletResponse response) throws Exception { List<loggedInUsers> loggedInUsers = new ArrayList<loggedInUsers>(); if (sessionRegistry.getAllPrincipals() != null) { Date rightNow = new Date(); for (Object principal : sessionRegistry.getAllPrincipals()) { loggedInUsers loggedInUser = new loggedInUsers(); UserDetails userDetails = (UserDetails) principal; for (SessionInformation information : sessionRegistry.getAllSessions(userDetails, true)) { long diff = rightNow.getTime() - information.getLastRequest().getTime(); long minuteDiff = diff / (60 * 1000) % 60; long hourDiff = diff / (60 * 60 * 1000); if (hourDiff > 0) { information.expireNow(); sessionRegistry.removeSessionInformation(information.getSessionId()); } else if (minuteDiff > 30) { information.expireNow(); sessionRegistry.removeSessionInformation(information.getSessionId()); } } } } program programDetails = programmanager.getProgramById(programId); ModelAndView mav = new ModelAndView(); mav.setViewName("/login"); mav.addObject("programName", programDetails.getProgramName()); mav.addObject("error", "true"); return mav; }