List of usage examples for org.springframework.security.core.session SessionInformation getPrincipal
public Object getPrincipal()
From source file:com.artivisi.belajar.restful.ui.controller.HomepageController.java
@RequestMapping("/homepage/sessioninfo") @ResponseBody// ww w .j a v a 2 s.com public List<Map<String, String>> sessionInfo() { List<Map<String, String>> userAktif = new ArrayList<Map<String, String>>(); for (Object object : sessionRegistry.getAllPrincipals()) { List<SessionInformation> info = sessionRegistry.getAllSessions(object, true); for (SessionInformation i : info) { Object p = i.getPrincipal(); if (p != null && User.class.isAssignableFrom(p.getClass())) { Map<String, String> usermap = new HashMap<String, String>(); User u = (User) p; usermap.put("username", u.getUsername()); usermap.put("permission", u.getAuthorities().toString()); usermap.put("sessionid", i.getSessionId()); usermap.put("status", i.isExpired() ? "Expired" : "Aktif"); userAktif.add(usermap); } } } return userAktif; }
From source file:com.rockagen.gnext.service.spring.security.extension.BasicConcurrentSessionControlStrategy.java
/** * Check authentication allowed.//from www. j av a 2s .co m * * @param authentication * the authentication * @param request * the request * @throws AuthenticationException * the authentication exception */ private void checkAuthenticationAllowed(Authentication authentication, HttpServletRequest request) throws AuthenticationException { final List<SessionInformation> sessions = sessionRegistry.getAllSessions(authentication.getPrincipal(), false); int sessionCount = sessions.size(); int allowedSessions = getMaximumSessionsForThisUser(authentication); if (sessionCount < allowedSessions) { // They haven't got too many login sessions running at present return; } if (allowedSessions == -1) { // We permit unlimited logins return; } if (sessionCount == allowedSessions) { HttpSession session = request.getSession(false); if (session != null) { // Only permit it though if this request is associated with one of the already registered sessions for (SessionInformation si : sessions) { if (si.getSessionId().equals(session.getId())) { return; } } } // If the session is null, a new one will be created by the parent class, exceeding the allowed number } BasicPrincipal basicPrincipal = new BasicPrincipal(authentication); // // verify the ip value in the basicPrincipal // boolean sameIp = false; List<Object> allValidPrincipals = new ArrayList<Object>(); for (SessionInformation sessionInformation : sessions) { allValidPrincipals.add(sessionInformation.getPrincipal()); } for (Object savedPrincipal : allValidPrincipals) { if (basicPrincipal.equals(savedPrincipal)) { sameIp = basicPrincipal.equalsIp((BasicPrincipal) savedPrincipal); break; } } allowableSessionsExceeded(sessions, allowedSessions, sameIp, sessionRegistry); }
From source file:com.kuprowski.redis.security.core.session.RedisSessionRegistry.java
@Override public void removeSessionInformation(String sessionId) { Assert.hasText(sessionId, "SessionId required as per interface contract"); SessionInformation info = getSessionInformation(sessionId); if (info == null) { return;//from w ww. j av a 2s .c om } if (logger.isTraceEnabled()) { logger.debug("Removing session " + sessionId + " from set of registered sessions"); } sessionIdsTemplate.delete(buildSessionIdsKey(sessionId)); Set<String> sessionsUsedByPrincipal = getSessionsUsedByPrincipal(info.getPrincipal()); if (sessionsUsedByPrincipal == null) { return; } if (logger.isDebugEnabled()) { logger.debug("Removing session " + sessionId + " from principal's set of registered sessions"); } sessionsUsedByPrincipal.remove(sessionId); principalsTemplate.opsForSet().remove(buildPrincipalKey(info.getPrincipal()), sessionId); if (sessionsUsedByPrincipal.isEmpty()) { // No need to keep object in principals Map anymore if (logger.isDebugEnabled()) { logger.debug("Removing principal " + info.getPrincipal() + " from registry"); } //TODO REMOVE //principalsTemplate.Ops.remove(info.getPrincipal()); } if (logger.isTraceEnabled()) { logger.trace("Sessions used by '" + info.getPrincipal() + "' : " + sessionsUsedByPrincipal); } }
From source file:com.rockagen.gnext.service.spring.security.extension.BasicConcurrentSessionControlStrategy.java
/** * Allowable sessions exceeded./*from w w w. jav a2 s. co m*/ * * @param sessions * the sessions * @param allowableSessions * the allowable sessions * @param sameIp * the same ip * @param registry * the registry * @throws SessionAuthenticationException * the session authentication exception */ protected void allowableSessionsExceeded(java.util.List<SessionInformation> sessions, int allowableSessions, boolean sameIp, SessionRegistry registry) throws SessionAuthenticationException { // new IP handle if (!sameIp) { // deny login if exceptionIfMaximumExceeded if (exceptionIfMaximumExceeded || (sessions == null)) { throw new SessionAuthenticationException( messages.getMessage("ConcurrentSessionControllerImpl.exceededAllowed", new Object[] { Integer.valueOf(allowableSessions) }, "Maximum sessions of {0} for this principal exceeded")); } } // Determine least recently used session, and mark it for invalidation SessionInformation leastRecentlyUsed = null; for (int i = 0; i < sessions.size(); i++) { if ((leastRecentlyUsed == null) || sessions.get(i).getLastRequest().before(leastRecentlyUsed.getLastRequest())) { leastRecentlyUsed = sessions.get(i); } } if (sessions.size() > allowableSessions && !sameIp) { BasicPrincipal basicPrincipal = (BasicPrincipal) leastRecentlyUsed.getPrincipal(); for (int i = 0; i < sessions.size(); i++) { if (sessions.get(i).getPrincipal().equals(leastRecentlyUsed.getPrincipal())) { if (basicPrincipal.equalsIp((BasicPrincipal) (sessions.get(i).getPrincipal()))) { sessions.get(i).expireNow(); } } } leastRecentlyUsed.expireNow(); } else if (!sameIp) { leastRecentlyUsed.expireNow(); } else { // TODO } }
From source file:org.springframework.security.core.session.SessionRegistryImpl.java
public void removeSessionInformation(String sessionId) { Assert.hasText(sessionId, "SessionId required as per interface contract"); SessionInformation info = getSessionInformation(sessionId); if (info == null) { return;/* w w w. ja v a2 s . c o m*/ } if (logger.isTraceEnabled()) { logger.debug("Removing session " + sessionId + " from set of registered sessions"); } sessionIds.remove(sessionId); Set<String> sessionsUsedByPrincipal = principals.get(info.getPrincipal()); if (sessionsUsedByPrincipal == null) { return; } if (logger.isDebugEnabled()) { logger.debug("Removing session " + sessionId + " from principal's set of registered sessions"); } sessionsUsedByPrincipal.remove(sessionId); if (sessionsUsedByPrincipal.isEmpty()) { // No need to keep object in principals Map anymore if (logger.isDebugEnabled()) { logger.debug("Removing principal " + info.getPrincipal() + " from registry"); } principals.remove(info.getPrincipal()); } if (logger.isTraceEnabled()) { logger.trace("Sessions used by '" + info.getPrincipal() + "' : " + sessionsUsedByPrincipal); } }