
스프링 시큐리티 session-management 중복로그인 설정

구분 값을 활용한 중복 로그인 세션값 설정

 

import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;

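/**
 * Concurrent-session strategy whose per-user session cap depends on an
 * environment marker: {@code "DEV"} allows one session, any other value two.
 *
 * <p>Only {@link #setMaximumSessions(int)} is configured here. How an exceeded
 * limit is handled is left at the parent's default, which in Spring Security
 * expires the least recently used session rather than rejecting the new login.
 * NOTE(review): confirm that this is the policy wanted for the admin area.
 *
 * <p>NOTE(review): only the exact string {@code "DEV"} gets the one-session
 * cap. Every other value, including {@code null} or a misspelt marker, falls
 * through to the looser cap of two. Confirm that the looser limit outside DEV
 * is intended.
 */
public class CustomConcurrentSessionControlAuthenticationStrategy extends ConcurrentSessionControlAuthenticationStrategy {

	/** Marker used when the caller does not supply one (the value the original code hard-coded). */
	private static final String DEFAULT_ACTIVE = "DEV";

	/**
	 * Creates the strategy with the default marker {@code "DEV"}, which caps
	 * each principal at one session. This is the constructor used by a bean
	 * definition that passes only the session registry.
	 *
	 * @param sessionRegistry registry the parent strategy uses to look up a principal's sessions
	 */
	public CustomConcurrentSessionControlAuthenticationStrategy(SessionRegistry sessionRegistry) {
		this(sessionRegistry, DEFAULT_ACTIVE);
	}

	/**
	 * Creates the strategy for an explicit environment marker, so the cap can
	 * be driven by configuration instead of a constant compiled into the class.
	 *
	 * @param sessionRegistry registry the parent strategy uses to look up a principal's sessions
	 * @param active          environment marker; {@code "DEV"} yields a cap of 1, anything else 2
	 */
	public CustomConcurrentSessionControlAuthenticationStrategy(SessionRegistry sessionRegistry, String active) {
		super(sessionRegistry);
		// Kept from the original: prints the marker to stdout. Prefer the project's logger in real deployments.
		System.out.println("active ============> " + active);
		setMaximumSessions(maximumSessionsFor(active));
	}

	/**
	 * Maps an environment marker to the per-principal session cap.
	 *
	 * @param active environment marker, may be {@code null}
	 * @return 1 for {@code "DEV"}, otherwise 2
	 */
	static int maximumSessionsFor(String active) {
		// Constant-first equals keeps a null marker from throwing; it simply gets the non-DEV cap.
		return "DEV".equals(active) ? 1 : 2;
	}
}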

xml 설정

	<!-- Admin authentication / authorization check configuration -->
	<!-- Security filter chain for requests matching /admin/**, using the admin-specific
	     authentication manager and access decision manager beans referenced below. -->
	<http auto-config="true" pattern="/admin/**" use-expressions="true" authentication-manager-ref="adminAuthManager" access-decision-manager-ref="adminAccessDecisionManager">
	<!-- Places the explicitly declared concurrencyFilter bean at the concurrent-session position of the chain. -->
	<custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter"/>
		<!-- Anonymous authentication is disabled for this chain. -->
		<anonymous enabled="false" />
		<!-- Every URL under /admin/ requires an authenticated user. -->
		<intercept-url pattern="/admin/**" access="isAuthenticated()" />
		<!-- NOTE(review): the login page /admin/login.do also matches /admin/**. With anonymous access
		     disabled, confirm that it is exempted by another http element not shown in this snippet. -->
		<form-login login-page="/admin/login.do"
			login-processing-url="/admin/loginProcess.do"
			authentication-success-handler-ref="adminLoginSuccessHandler"
			authentication-failure-handler-ref="adminLoginFailureHandler" />
		<!-- Logout invalidates the HTTP session and then hands over to the custom success handler. -->
		<logout logout-url="/admin/logoutProcess.do"
			success-handler-ref="adminLogoutSuccessHandler" invalidate-session="true" />
		<!-- Earlier namespace-based concurrency setup, left disabled. It also set invalid-session-url,
		     which the active session-management element below does not. -->
<!-- 		<session-management invalid-session-url="/admin/login.do"> -->
<!-- 			<concurrency-control max-sessions="1" expired-url="/admin/login.do" /> -->
<!-- 		</session-management> -->
		<!-- Delegates session handling at login to the "sas" bean.
		     NOTE(review): with an explicit strategy reference, the strategies listed in "sas" are
		     presumably the only ones applied at login. Check that the list includes session-fixation
		     protection, since the namespace default is no longer added. -->
		<session-management session-authentication-strategy-ref="sas"/>
	</http>
    
	<!-- Filter installed at CONCURRENT_SESSION_FILTER. It is given the shared session registry and
	     the URL /admin/login.do to use for sessions that have been marked expired.
	     NOTE(review): the sessionRegistry bean is not defined in this snippet and must exist elsewhere.
	     The registry only learns about destroyed sessions if
	     org.springframework.security.web.session.HttpSessionEventPublisher is registered as a listener
	     in web.xml. Without it, stale entries can keep counting against the session cap. Confirm. -->
	<beans:bean id="concurrencyFilter" class="org.springframework.security.web.session.ConcurrentSessionFilter">
		<beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" /> 
		<beans:constructor-arg name="expiredUrl" value="/admin/login.do" />
	</beans:bean>
    
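	<!-- Session authentication strategies run in list order on every successful admin login.
	     Because the http element references this bean explicitly, the namespace does not add its
	     default session-fixation protection. It therefore has to be listed here. -->
	<beans:bean id="sas" class="org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy">
	<beans:constructor-arg>
	    <beans:list>
	    <!-- 1. Enforce the per-user session cap before anything else happens. -->
	    <beans:bean class="com.kmw.sample.admin.security.CustomConcurrentSessionControlAuthenticationStrategy">
	        <beans:constructor-arg ref="sessionRegistry"/>
	    </beans:bean>
	    <!-- 2. Replace the pre-login session so that a session id fixed before authentication
	            is not carried into the authenticated session. -->
	    <beans:bean class="org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy"/>
	    <!-- 3. Record the resulting session in the registry so that later logins are counted against it. -->
	    <beans:bean class="org.springframework.security.web.authentication.session.RegisterSessionAuthenticationStrategy">
	        <beans:constructor-arg ref="sessionRegistry"/>
	    </beans:bean>
	    </beans:list>
	</beans:constructor-arg>
	</beans:bean>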
