开发者

How to subclass concurency control in spring, and what exception is thrown?

开发者 https://www.devze.com 2023-03-11 02:31 出处:网络
Right now in Spring security I have this code: <session-management> <concurrency-control max-sessions=\"1\" error-if-maximum-exceeded=\"true\" />

Right now in Spring security I have this code:

<session-management>
    <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
</session-management>

If someone attempts to start a concurrent session, an exception is thrown. The way my application handles exceptions is by catching them and then throwing a custom exception that will be displayed to the user. My question is two-part.

First, and most importantly, how do I create a custom class that can be given to session management so that it can catch the old exception and throw the new? It seems to me that I need to subclass concurrency-control, and make a bean of some sort within my security context, but I am not sure how to do that.

Second, what is the name of the exception that will be thrown (the one I need to catch)? My guess is that it will be an AccessDeniedException, but I am unsure. This is not as important as the first question, because once I know the correct class I must subclass, I will know what exceptions it could be.

Thanks for the help,

Mirrore开发者_运维知识库dFate


Ahh... I have found my answer.

I subclassed ConcurrentSessionControlStrategy, and over-rode the method allowableSessionsExceeded. This method throws a SessionAuthenticationException, who's message I changed before throwing it again. I had to add this code:

<security:session-management session-authentication-strategy-ref="ccc"/>

<beans:bean id="ccc"
    class="com.lim.lds.client.sqlloader.security.CustomConcurrencyControl">
    <beans:constructor-arg name="sessionRegistry"
        ref="sessionRegistry" />
    <beans:property name="maximumSessions" value="1" />
</beans:bean>

<beans:bean id="sessionRegistry" class="org.springframework.security.core.session.SessionRegistryImpl" />

to my spring-security.xml file.

I hope this helps anyone in a similar situation!

0

精彩评论

暂无评论...
验证码 换一张
取 消