当前位置: 代码迷 >> Java Web开发 >> spring security 2.0 仅实现单点登录怎么配置
  详细解决方案

spring security 2.0 仅实现单点登录怎么配置

热度:10019   发布时间:2013-02-25 21:15:22.0
spring security 2.0 仅实现单点登录如何配置?
刚上网看了点资料,一大堆的,我仅仅需要实现一个账户登录后,两一台机子用那个账户登录是登录不上的功能。

web.xml配置了
<listener>
<listener-class>
org.springframework.security.ui.session.HttpSessionEventPublisher
</listener-class>
</listener>

spring-security.xml配置了
<beans:bean id="sessionRegistry"
class="org.springframework.security.concurrent.SessionRegistryImpl" >
</beans:bean>
<http>
<concurrent-session-control max-sessions="1"
exception-if-maximum-exceeded="true" session-registry-ref="sessionRegistry" />
</http>

提示no authenticationEntryPoint published

然后我加了
<beans:bean id="entryPoint"
class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint" >
<beans:property name="loginFormUrl" value="/login.jsp" ></beans:property>
</beans:bean>
<http entry-point-ref="entryPoint">
<concurrent-session-control max-sessions="1"
exception-if-maximum-exceeded="true" session-registry-ref="sessionRegistry" />
</http>
又提示
No authentication providers were found in the application context

还要加那个什么providers 么? 还需要什么配置吗?

------解决方案--------------------------------------------------------
没有监听session,

在web.xml里加

<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher
</listener-class>
</listener>
//不过这是3.0的,2.0不是在这个包下,是在一个ui.什么,反正HttpSessionEventPublisher这个一样的你找找就知道了
------解决方案--------------------------------------------------------
<authentication-provider>
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT U.username, U.password, U.accountEnabled AS 'enabled' FROM User U where U.username=?"
authorities-by-username-query="SELECT U.username, R.name as 'authority' FROM User U JOIN Authority A ON u.id = A.userId JOIN Role R ON R.id = A.roleId WHERE U.username=?"/>
</authentication-provider>

觉得这里讲的还算明白:
http://www.blogjava.net/vcycyv/archive/2011/02/13/344196?opt=admin
  相关解决方案