Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-266: Handle -1 allowing unlimited logins, as per JavaDocs.

This commit is contained in:
Ben Alex 2006-05-23 10:49:23 +00:00
parent 501eaadd09
commit d795836bf1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/src/main/java/org/acegisecurity/concurrent/ConcurrentSessionControllerImpl.java
View File

@ -121,7 +121,11 @@ public class ConcurrentSessionControllerImpl
"getMaximumSessionsForThisUser() must return either -1 to allow unlimited logins, or a positive integer to specify a maximum"); "getMaximumSessionsForThisUser() must return either -1 to allow unlimited logins, or a positive integer to specify a maximum");
if (sessionCount < allowableSessions) { if (sessionCount < allowableSessions) {
// They haven't got too many login sessions running at present
return; return;
} else if (allowableSessions == -1) {
// We permit unlimited logins
return;
} else if (sessionCount == allowableSessions) { } else if (sessionCount == allowableSessions) {
// Only permit it though if this request is associated with one of the sessions // Only permit it though if this request is associated with one of the sessions
for (int i = 0; i < sessionCount; i++) { for (int i = 0; i < sessionCount; i++) {