Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tidy up screwy formatting.

This commit is contained in:
Luke Taylor 2006-04-26 21:19:20 +00:00
parent a7d0f88e01
commit 8400341399
1 changed files with 81 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

162
core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionControllerImpl.java
View File

@ -28,15 +28,17 @@ import org.springframework.util.Assert;
/** /**
* Base implementation of {@link ConcurrentSessionControllerImpl} which * Base implementation of {@link ConcurrentSessionControllerImpl} which
* prohibits simultaneous logins. * prohibits simultaneous logins.
*
* <p> * <p>
* By default uses {@link org.acegisecurity.concurrent.SessionRegistryImpl}, * By default uses {@link SessionRegistryImpl},
* although any <code>SessionRegistry</code> may be used. * although any <code>SessionRegistry</code> may be used.
* </p> * </p>
*
* @author Ben Alex
* @version $Id$
*/ */
public class ConcurrentSessionControllerImpl public class ConcurrentSessionControllerImpl implements ConcurrentSessionController,
implements ConcurrentSessionController, InitializingBean, InitializingBean, MessageSourceAware {
MessageSourceAware {
//~ Instance fields ======================================================== //~ Instance fields ========================================================
protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor(); protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
@ -49,7 +51,7 @@ public class ConcurrentSessionControllerImpl
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
Assert.notNull(sessionRegistry, "SessionRegistry required"); Assert.notNull(sessionRegistry, "SessionRegistry required");
Assert.isTrue(maximumSessions != 0, Assert.isTrue(maximumSessions != 0,
"MaximumLogins must be either -1 to allow unlimited logins, or a positive integer to specify a maximum"); "MaximumLogins must be either -1 to allow unlimited logins, or a positive integer to specify a maximum");
Assert.notNull(this.messages, "A message source must be set"); Assert.notNull(this.messages, "A message source must be set");
} }
@ -57,22 +59,21 @@ public class ConcurrentSessionControllerImpl
* Allows subclasses to customise behaviour when too many sessions are * Allows subclasses to customise behaviour when too many sessions are
* detected. * detected.
* *
* @param sessionId the session ID of the present request * @param sessionId the session ID of the present request
* @param sessions either <code>null</code> or all unexpired sessions * @param sessions either <code>null</code> or all unexpired sessions
* associated with the principal * associated with the principal
* @param allowableSessions DOCUMENT ME! * @param allowableSessions DOCUMENT ME!
* @param registry an instance of the <code>SessionRegistry</code> for * @param registry an instance of the <code>SessionRegistry</code> for
* subclass use * subclass use
*
* @throws ConcurrentLoginException DOCUMENT ME! * @throws ConcurrentLoginException DOCUMENT ME!
*/ */
protected void allowableSessionsExceeded(String sessionId, protected void allowableSessionsExceeded(String sessionId,
SessionInformation[] sessions, int allowableSessions, SessionInformation[] sessions, int allowableSessions,
SessionRegistry registry) { SessionRegistry registry) {
if (exceptionIfMaximumExceeded || (sessions == null)) { if (exceptionIfMaximumExceeded || (sessions == null)) {
throw new ConcurrentLoginException(messages.getMessage( throw new ConcurrentLoginException(messages.getMessage(
"ConcurrentSessionControllerImpl.exceededAllowed", "ConcurrentSessionControllerImpl.exceededAllowed",
new Object[] {new Integer(allowableSessions)}, new Object[]{new Integer(allowableSessions)},
"Maximum sessions of {0} for this principal exceeded")); "Maximum sessions of {0} for this principal exceeded"));
} }
@ -81,8 +82,8 @@ public class ConcurrentSessionControllerImpl
for (int i = 0; i < sessions.length; i++) { for (int i = 0; i < sessions.length; i++) {
if ((leastRecentlyUsed == null) if ((leastRecentlyUsed == null)
|| sessions[i].getLastRequest() || sessions[i].getLastRequest()
.before(leastRecentlyUsed.getLastRequest())) { .before(leastRecentlyUsed.getLastRequest())) {
leastRecentlyUsed = sessions[i]; leastRecentlyUsed = sessions[i];
} }
} }
@ -91,87 +92,86 @@ public class ConcurrentSessionControllerImpl
} }
public void checkAuthenticationAllowed(Authentication request) public void checkAuthenticationAllowed(Authentication request)
throws AuthenticationException { throws AuthenticationException {
Assert.notNull(request, Assert.notNull(request,
"Authentication request cannot be null (violation of interface contract)"); "Authentication request cannot be null (violation of interface contract)");
Object principal = SessionRegistryUtils Object principal = SessionRegistryUtils
.obtainPrincipalFromAuthentication(request); .obtainPrincipalFromAuthentication(request);
String sessionId = SessionRegistryUtils String sessionId = SessionRegistryUtils
.obtainSessionIdFromAuthentication(request); .obtainSessionIdFromAuthentication(request);
SessionInformation[] sessions = sessionRegistry.getAllSessions(principal); SessionInformation[] sessions = sessionRegistry.getAllSessions(principal);
int sessionCount = 0; int sessionCount = 0;
if (sessions != null) { if (sessions != null) {
sessionCount = sessions.length; sessionCount = sessions.length;
} }
int allowableSessions = getMaximumSessionsForThisUser(request); int allowableSessions = getMaximumSessionsForThisUser(request);
Assert.isTrue(allowableSessions != 0, Assert.isTrue(allowableSessions != 0,
"getMaximumSessionsForThisUser() must return either -1 to allow unlimited logins, or a positive integer to specify a maximum"); "getMaximumSessionsForThisUser() must return either -1 to allow unlimited logins, or a positive integer to specify a maximum");
if (sessionCount < allowableSessions) { if (sessionCount < allowableSessions) {
return;
} else if (sessionCount == allowableSessions) {
// Only permit it though if this request is associated with one of the sessions
for (int i = 0; i < sessionCount; i++) {
if (sessions[i].getSessionId().equals(sessionId)) {
return; return;
} else if (sessionCount == allowableSessions) {
// Only permit it though if this request is associated with one of the sessions
for (int i = 0; i < sessionCount; i++) {
if (sessions[i].getSessionId().equals(sessionId)) {
return;
}
}
} }
allowableSessionsExceeded(sessionId, sessions,
allowableSessions, sessionRegistry);
} }
}
/** allowableSessionsExceeded(sessionId, sessions,
* Method intended for use by subclasses to override the maximum allowableSessions, sessionRegistry);
* number of sessions that are permitted for a particular }
* authentication. The default implementation simply returns the
* <code>maximumSessions</code> value for the bean.
*
* @param authentication to determine the maximum sessions for
*
* @return either -1 meaning unlimited, or a positive integer to
* limit (never zero)
*/
protected int getMaximumSessionsForThisUser(
Authentication authentication) {
return maximumSessions;
}
public void registerSuccessfulAuthentication( /**
Authentication authentication) { * Method intended for use by subclasses to override the maximum
Assert.notNull(authentication, * number of sessions that are permitted for a particular
"Authentication cannot be null (violation of interface contract)"); * authentication. The default implementation simply returns the
* <code>maximumSessions</code> value for the bean.
*
* @param authentication to determine the maximum sessions for
* @return either -1 meaning unlimited, or a positive integer to
* limit (never zero)
*/
protected int getMaximumSessionsForThisUser(
Authentication authentication) {
return maximumSessions;
}
Object principal = SessionRegistryUtils public void registerSuccessfulAuthentication(
.obtainPrincipalFromAuthentication(authentication); Authentication authentication) {
String sessionId = SessionRegistryUtils Assert.notNull(authentication,
.obtainSessionIdFromAuthentication(authentication); "Authentication cannot be null (violation of interface contract)");
sessionRegistry.removeSessionInformation(sessionId); Object principal = SessionRegistryUtils
sessionRegistry.registerNewSession(sessionId, principal); .obtainPrincipalFromAuthentication(authentication);
} String sessionId = SessionRegistryUtils
.obtainSessionIdFromAuthentication(authentication);
public void setExceptionIfMaximumExceeded( sessionRegistry.removeSessionInformation(sessionId);
boolean exceptionIfMaximumExceeded) { sessionRegistry.registerNewSession(sessionId, principal);
this.exceptionIfMaximumExceeded = exceptionIfMaximumExceeded; }
}
public void setMaximumSessions(int maximumSessions) { public void setExceptionIfMaximumExceeded(
this.maximumSessions = maximumSessions; boolean exceptionIfMaximumExceeded) {
} this.exceptionIfMaximumExceeded = exceptionIfMaximumExceeded;
}
public void setMessageSource(MessageSource messageSource) { public void setMaximumSessions(int maximumSessions) {
this.messages = new MessageSourceAccessor(messageSource); this.maximumSessions = maximumSessions;
} }
public void setSessionRegistry( public void setMessageSource(MessageSource messageSource) {
SessionRegistry sessionRegistry) { this.messages = new MessageSourceAccessor(messageSource);
this.sessionRegistry = sessionRegistry; }
}
} public void setSessionRegistry(
SessionRegistry sessionRegistry) {
this.sessionRegistry = sessionRegistry;
}
}