Configuring session Management in Spring3 Security

When an account is logged in, it requires one account to be logged in at the same time, with three steps in the configuration: 1. Configuring Httpsessioneventpublisher in Web. xml

< Listener >     < Listener-class >org.springframework.security.web.session.HttpSessionEventPublisher</  Listener-class></listener>

2. Configure session Management in Security.xml

Session-management tags on HTTP tags

 <  session-management  invalid-session-url  = "/login?invalid_session"             >  <  concurrency-control  max-sessions  = "1"   error-if-maximum-exceeded  = "false"   Expired-url  = "/login?expired"  />  </ session-management  >  

Where the "Max-session" attribute indicates the maximum number of session sessions, the default is 1; " Error-if-maximum-exceeded "Property By default is False, indicating that the same account, first logged in, will be after the login force offline, when True, indicating that once a user logs in, other users will not be able to log in.

3. Override the Equals and Hashcode methods in the user login related class, and if you extend Userdetails, override its Equals and Hashcode methods

User.java

@Override Public Booleanequals (Object o) {if( This= = O)return true; if(! (OinstanceofUser))return false; User that=(User) o; if(GUID! =NULL!guid.equals (THAT.GUID): That.guid! =NULL)return false; return true; } @Override Public inthashcode () {returnGuid! =NULL? Guid.hashcode (): 0; }

Stuserdetails.java

@Override Public Booleanequals (Object o) {if( This= = O)return true; if(! (OinstanceofStuserdetails))return false; Stuserdetails that=(stuserdetails) o; if(Grantedauthorities! =NULL!grantedauthorities.equals (that.grantedauthorities): that.grantedauthorities! =NULL)            return false; if(User! =NULL!user.equals (that.user): That.user! =NULL)return false; return true; } @Override Public inthashcode () {intresult = user! =NULL? User.hashcode (): 0; Result= to * result + (grantedauthorities! =NULL? Grantedauthorities.hashcode (): 0); returnresult; }

Beginners, if there are mistakes, forget everyone advice!

Configuring session Management in Spring3 Security