java 我如何获得 Spring Security SessionRegistry?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/3886256/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I get the Spring Security SessionRegistry?
提问by Griff
I can't seem to find how to get a reference to the Spring Security (V3) SessionRegistry inside of a Struts action.
我似乎无法找到如何在 Struts 操作中获取对 Spring Security (V3) SessionRegistry 的引用。
I've configured the listener inside of my web.xml file:
我已经在 web.xml 文件中配置了监听器:
<listener>
<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
And I've tried to use the @Autowired annotation to bring it into an action:
我尝试使用 @Autowired 注释将其带入操作:
@Autowired
private SessionRegistry sessionRegistry;
@Override
public String execute() throws Exception {
numberOfUsersLoggedin= sessionRegistry.getAllPrincipals().size();
return SUCCESS;
}
public SessionRegistry getSessionRegistry() {
return sessionRegistry;
}
public void setSessionRegistry(SessionRegistry sessionRegistry) {
this.sessionRegistry = sessionRegistry;
}
The http configuration looks like this:
http 配置如下所示:
<session-management invalid-session-url="/public/login.do?login_error=expired"
session-authentication-error-url="/public/login.do"
session-fixation-protection="newSession">
<concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
</session-management>
Generally I am more comfortable wiring the Spring bean myself, but not sure how this is exposed using the namespace. Each time the action executes, the session registry is null.
一般来说,我更愿意自己连接 Spring bean,但不确定如何使用命名空间公开它。每次执行操作时,会话注册表都为空。
Can anyone point out what I am doing wrong here, or show me the way to an example?
谁能指出我在这里做错了什么,或者告诉我一个例子的方法?
Thanks in advance for any/all replies!
提前感谢您的任何/所有回复!
采纳答案by Raghuram
Not sure if you have referred to Session Managementsection in Spring Security reference documentation. It has a snippet combining namespace and custom beans.
不确定您是否参考了 Spring Security 参考文档中的会话管理部分。它有一个结合命名空间和自定义 bean 的片段。
回答by Demwis
If you are configuring Spring Security by namespace, the following attributes of concurrency-controltag can be useful for accessing SystemRegistry:
如果您是按命名空间配置 Spring Security,则concurrency-control标记的以下属性对于访问 SystemRegistry 很有用:
- session-registry-alias.
- session-registry-ref.
- 会话注册表别名。
- 会话注册参考。
Description of each of attributes from official documentation:
官方文档中每个属性的描述:
session-registry-alias.It can also be useful to have a reference to the internal session registry for use in your own beans or an admin interface. You can expose the internal bean using the session-registry-alias attribute, giving it a name that you can use elsewhere in your configuration.
session-registry-ref. The user can supply their own SessionRegistry implementation using the session-registry-ref attribute. The other concurrent session control beans will be wired up to use it.
会话注册表别名。引用内部会话注册表以在您自己的 bean 或管理界面中使用也很有用。您可以使用 session-registry-alias 属性公开内部 bean,给它一个名称,您可以在配置中的其他地方使用它。
会话注册表引用。用户可以使用 session-registry-ref 属性提供他们自己的 SessionRegistry 实现。其他并发会话控制 bean 将被连接起来使用它。
