Controle de sessão pelo Spring Security
11/09/2013 20:21
sessionRegistry(SessionRegistryImpl)
concurrencyFilter(ConcurrentSessionFilter) {
sessionRegistry = sessionRegistry
logoutHandlers = [
ref("rememberMeServices"),
ref("securityContextLogoutHandler")
]
expiredUrl='/login/concurrentSession'
}
concurrentSessionControlStrategy(ConcurrentSessionControlStrategy, sessionRegistry) {
alwaysCreateSession = true
exceptionIfMaximumExceeded = true
maximumSessions = 1
}
def init = { servletContext ->
//Registro de filtro para acesso concorrente.
SpringSecurityUtils.clientRegisterFilter('concurrencyFilter', SecurityFilterPosition.CONCURRENT_SESSION_FILTER)
//faz uma porrada de coisa
}
grails.plugins.springsecurity.useHttpSessionEventPublisher = true
class BootStrap {
//...
def authenticationProcessingFilter
def concurrentSessionControlStrategy
def init = { servletContext ->
//configura o filtro, como você já está fazendo...
authenticationProcessingFilter.sessionAuthenticationStrategy = concurrentSessionControlStrategy
}
Para se registrar, clique aqui.