刚上网看了点资料,一大堆的,我仅仅需要实现一个账户登录后,两一台机子用那个账户登录是登录不上的功能。
web.xml配置了
<listener>
<listener-class>
org.springframework.security.ui.session.HttpSessionEventPublisher
</listener-class>
</listener>
spring-security.xml配置了
<beans:bean id="sessionRegistry"
class="org.springframework.security.concurrent.SessionRegistryImpl" >
</beans:bean>
<http>
<concurrent-session-control max-sessions="1"
exception-if-maximum-exceeded="true" session-registry-ref="sessionRegistry" />
</http>
提示no authenticationEntryPoint published
然后我加了
<beans:bean id="entryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint" >
<beans:property name="loginFormUrl" value="/login.jsp" ></beans:property>
</beans:bean>
<http entry-point-ref="entryPoint">
<concurrent-session-control max-sessions="1"
exception-if-maximum-exceeded="true" session-registry-ref="sessionRegistry" />
</http>
又提示
No authentication providers were found in the application context
还要加那个什么providers 么? 还需要什么配置吗?
------解决方案--------------------------------------------------------
没有监听session,
在web.xml里加
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class>
</listener>
//不过这是3.0的,2.0不是在这个包下,是在一个ui.什么,反正HttpSessionEventPublisher这个一样的你找找就知道了
------解决方案--------------------------------------------------------
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT U.username, U.password, U.accountEnabled AS 'enabled' FROM User U where U.username=?"
authorities-by-username-query="SELECT U.username, R.name as 'authority' FROM User U JOIN Authority A ON u.id = A.userId JOIN Role R ON R.id = A.roleId WHERE U.username=?"/>
</authentication-provider>
觉得这里讲的还算明白:
http://www.blogjava.net/vcycyv/archive/2011/02/13/344196?opt=admin