Example usage for org.springframework.security.core.session SessionInformation getSessionId

Introduction

In this page you can find the example usage for org.springframework.security.core.session SessionInformation getSessionId.

Prototype

public String getSessionId() 

Source Link

Usage

From source file:com.sshdemo.common.security.core.session.EwcmsSessionRegistryImpl.java

@Override
public void removeSessionInformationByUsername(String username) {
    Object principal = getPrincipal(username);
    if (principal == null) {
        if (logger.isDebugEnabled()) {
            logger.debug("{} has't session", username);
        }//from   ww w.  jav  a  2 s . co  m
        return;
    }

    List<SessionInformation> sessionInformations = getAllSessions(principal, true);
    for (SessionInformation sessionInformation : sessionInformations) {
        removeSessionInformation(sessionInformation.getSessionId());
    }
}

---

From source file:com.rockagen.gnext.service.spring.security.extension.BasicConcurrentSessionControlStrategy.java

/**
 * Check authentication allowed.//from ww  w. j ava  2  s  .com
 * 
 * @param authentication
 *            the authentication
 * @param request
 *            the request
 * @throws AuthenticationException
 *             the authentication exception
 */
private void checkAuthenticationAllowed(Authentication authentication, HttpServletRequest request)
        throws AuthenticationException {

    final List<SessionInformation> sessions = sessionRegistry.getAllSessions(authentication.getPrincipal(),
            false);

    int sessionCount = sessions.size();
    int allowedSessions = getMaximumSessionsForThisUser(authentication);

    if (sessionCount < allowedSessions) {
        // They haven't got too many login sessions running at present
        return;
    }

    if (allowedSessions == -1) {
        // We permit unlimited logins
        return;
    }

    if (sessionCount == allowedSessions) {
        HttpSession session = request.getSession(false);

        if (session != null) {
            // Only permit it though if this request is associated with one of the already registered sessions
            for (SessionInformation si : sessions) {
                if (si.getSessionId().equals(session.getId())) {
                    return;
                }
            }
        }
        // If the session is null, a new one will be created by the parent class, exceeding the allowed number
    }

    BasicPrincipal basicPrincipal = new BasicPrincipal(authentication);
    //
    // verify the ip value in the basicPrincipal
    //
    boolean sameIp = false;
    List<Object> allValidPrincipals = new ArrayList<Object>();
    for (SessionInformation sessionInformation : sessions) {
        allValidPrincipals.add(sessionInformation.getPrincipal());
    }

    for (Object savedPrincipal : allValidPrincipals) {
        if (basicPrincipal.equals(savedPrincipal)) {
            sameIp = basicPrincipal.equalsIp((BasicPrincipal) savedPrincipal);

            break;
        }
    }
    allowableSessionsExceeded(sessions, allowedSessions, sameIp, sessionRegistry);
}

---

From source file:com.artivisi.belajar.restful.ui.controller.HomepageController.java

@RequestMapping("/homepage/sessioninfo")
@ResponseBody// w w  w .j a  v  a  2  s  .c  o  m
public List<Map<String, String>> sessionInfo() {

    List<Map<String, String>> userAktif = new ArrayList<Map<String, String>>();

    for (Object object : sessionRegistry.getAllPrincipals()) {
        List<SessionInformation> info = sessionRegistry.getAllSessions(object, true);
        for (SessionInformation i : info) {
            Object p = i.getPrincipal();
            if (p != null && User.class.isAssignableFrom(p.getClass())) {
                Map<String, String> usermap = new HashMap<String, String>();

                User u = (User) p;
                usermap.put("username", u.getUsername());
                usermap.put("permission", u.getAuthorities().toString());
                usermap.put("sessionid", i.getSessionId());
                usermap.put("status", i.isExpired() ? "Expired" : "Aktif");
                userAktif.add(usermap);
            }
        }
    }

    return userAktif;
}

---

From source file:com.rr.wabshs.ui.controller.mainController.java

/**
 * The '/loginfailed' request will serve up the login page displaying the login failed error message
 *
 * @param request/*from w ww  .ja  v  a 2  s. com*/
 * @param response
 * @return   the error object and the login page view
 * @throws Exception
 */
@RequestMapping(value = "/loginfailed", method = RequestMethod.GET)
public ModelAndView loginerror(HttpServletRequest request, HttpServletResponse response) throws Exception {

    List<loggedInUsers> loggedInUsers = new ArrayList<loggedInUsers>();

    if (sessionRegistry.getAllPrincipals() != null) {

        Date rightNow = new Date();

        for (Object principal : sessionRegistry.getAllPrincipals()) {
            loggedInUsers loggedInUser = new loggedInUsers();

            UserDetails userDetails = (UserDetails) principal;

            for (SessionInformation information : sessionRegistry.getAllSessions(userDetails, true)) {
                long diff = rightNow.getTime() - information.getLastRequest().getTime();

                long minuteDiff = diff / (60 * 1000) % 60;
                long hourDiff = diff / (60 * 60 * 1000);

                if (hourDiff > 0) {
                    information.expireNow();
                    sessionRegistry.removeSessionInformation(information.getSessionId());
                } else if (minuteDiff > 30) {
                    information.expireNow();
                    sessionRegistry.removeSessionInformation(information.getSessionId());
                }
            }
        }
    }

    program programDetails = programmanager.getProgramById(programId);
    ModelAndView mav = new ModelAndView();
    mav.setViewName("/login");
    mav.addObject("programName", programDetails.getProgramName());
    mav.addObject("error", "true");
    return mav;

}

---