fineract-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Usman Khaliq <usman.khali...@gmail.com>
Subject Limiting Concurrent User Sessions to 1
Date Wed, 10 May 2017 13:23:38 GMT
Hi everyone,

I have written the following code in the infrastructure/core/boot directory
to set the number of concurrent user sessions at 1:

@EnableWebSecurity
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                    .and()
                .sessionManagement()
                    .maximumSessions(1)
                    .maxSessionsPreventsLogin(true)
                    .sessionRegistry(sessionRegistry());
    }

    // Work around https://jira.spring.io/browse/SEC-2855
    @Bean
    public SessionRegistry sessionRegistry() {
        SessionRegistry sessionRegistry = new SessionRegistryImpl();
        return sessionRegistry;
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws
Exception {
        auth
                .inMemoryAuthentication()
                    .withUser("mifos").password("password").roles("USER");
    }

    // Register HttpSessionEventPublisher
    @Bean
    public static ServletListenerRegistrationBean
httpSessionEventPublisher() {
        return new ServletListenerRegistrationBean(new
HttpSessionEventPublisher());
    }
}

I have also registered the Spring Security filter created above in the
AbstractSecurityWebApplicationInitializer in the infrastructure/core/boot
directory as follows:

public class SecurityWebApplicationInitializer
    extends AbstractSecurityWebApplicationInitializer {
    protected Class<?>[] getRootConfigClasses() {
        return new Class[] { WebSecurityConfig.class };
    }
}
However, I am still able to log into multiple browser sessions from my
machine. Any advise on what I am doing wrong with my code? Thanks in
advance.

-- 
Kind Regards
Usman Khaliq
Programmer and R&D Lead
iDT Labs
5 Foday Drive,Regent Road,Hill Station
Freetown,Sierra Leone
Tel: +92334 3777 059/ + 232 77 775 775
Skype: usman.khaliq
Website:www.idtlabs.sl

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message