Commits

明点软件  committed 3713114

增加手动移除Session功能

  • Participants
  • Parent commits b89c7a3
  • Tags 1.0.3

Comments (0)

Files changed (6)

 
 target-eclipse/classes/BootStrap$_closure1.class
 target-eclipse/*
+*.iml
 syntax: regexp
 ^Grails-spring-security-taobao-grailsPlugins\.iml$
 syntax: regexp

File SpringSecurityTaobaoGrailsPlugin.groovy

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-import java.util.List
+import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
+import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
+import org.springframework.security.core.session.SessionRegistryImpl
+import org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
+import org.springframework.security.web.session.ConcurrentSessionFilter
 
-import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
-import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
 import com.mingidea.security.taobao.*
 
 /**
 */
 class SpringSecurityTaobaoGrailsPlugin {
     // the plugin version
-    def version = "1.0.0"
+    def version = "1.0.3"
     // the version or versions of Grails the plugin is designed for
     def grailsVersion = "2.1 > *"
     // the other plugins this plugin depends on
 
         SpringSecurityUtils.registerProvider 'taobaoAuthenticationProvider'
         SpringSecurityUtils.registerFilter 'taobaoAuthenticationFilter', SecurityFilterPosition.OPENID_FILTER
+		SpringSecurityUtils.registerFilter 'concurrentSessionFilter', SecurityFilterPosition.CONCURRENT_SESSION_FILTER
 
         taobaoAuthenticationProvider(TaobaoAuthenticationProvider) {
 			
             rememberMeServices = ref('rememberMeServices')
             allowSessionCreation = conf.apf.allowSessionCreation
         }
+		
+		sessionAuthenticationStrategy(ConcurrentSessionControlStrategy, ref('sessionRegistry')) {
+			maximumSessions = conf.maxConcurrentSessions //default is -1 for unlimited sessions
+		}
+		
+		concurrentSessionFilter(ConcurrentSessionFilter) {
+			sessionRegistry = ref('sessionRegistry')
+			expiredUrl = conf.expiredUrl
+		}
+		
+		sessionRegistry(SessionRegistryImpl)
     }
 
     def doWithApplicationContext = { applicationContext ->

File application.properties

 #Grails Metadata file
-#Thu Aug 16 00:01:18 CST 2012
-app.grails.version=2.1.0
+#Sun Aug 19 15:12:55 CST 2012
+app.grails.version=2.0.0
 app.name=spring-security-taobao
-plugins.hibernate=2.1.0
+plugins.hibernate=2.0.0
 plugins.release=2.0.4
 plugins.spring-security-core=1.2.7.3
-plugins.tomcat=2.1.0
+plugins.tomcat=2.0.0

File src/groovy/test/TestTaobaoAuthenticationDao.groovy

 	}
 
 	public void create(TaobaoUser taobaoUser) {
-		print 'create taobao user: ' + taobaoUser.nick
+		print 'create taobao user: ' + taobaoUser.nickname
 
 	}
 

File src/java/com/mingidea/security/taobao/TaobaoAuthenticationProvider.java

         validateCredentials(credentials);
 
         // 淘宝用户昵称
-        String nick = null;
-        String subTaobaoUserNick = credentials.getSubTaobaoUserNick(); // 子账号
-        if (StringUtils.isNotBlank(subTaobaoUserNick)) {
-            nick = subTaobaoUserNick;
-        } else {
-            nick = credentials.getVisitorNick();
-        }
+        String mainNickname = credentials.getVisitorNick(); // 主账号
+        String subNickname = credentials.getSubTaobaoUserNick(); // 子账号
+        String nickname = (subNickname != null) ? subNickname : mainNickname;
 
         String appKey = credentials.getAppKey();
         String session = credentials.getSession();
 
-        TaobaoUser taobaoUser = taobaoAuthenticationDao.find(nick, appKey);
+        TaobaoUser taobaoUser = taobaoAuthenticationDao.find(nickname, appKey);
         if (taobaoUser == null) {
-            log.debug("create taobao user {}", nick);
-            taobaoUser = new TaobaoUser(nick, appKey, session);
+            log.debug("create taobao user {}", nickname);
+            taobaoUser = new TaobaoUser(nickname, appKey, session);
             taobaoAuthenticationDao.create(taobaoUser);
             applicationContext.publishEvent(new TaobaoUserCreatedEvent(this, taobaoUser));
         } else {
             if (taobaoUser.getSession() != session) {
-                log.debug("update taobao user {} with session {}", nick, session);
+                log.debug("update taobao user {} with session {}", nickname, session);
                 taobaoUser.setSession(session);
                 taobaoAuthenticationDao.update(taobaoUser);
                 applicationContext.publishEvent(new TaobaoUserUpdatedEvent(this, taobaoUser));
         UserDetails userDetails = taobaoAuthenticationDao.getPrincipal(taobaoUser);
 
         if (userDetails == null) {
-            throw new PrincipalNotFoundException("can not found principal for taobao user [" + nick + "]");
+            throw new PrincipalNotFoundException("can not found principal for taobao user [" + nickname + "]");
         } else {
             //remove credentials
             return new TaobaoAuthenticationToken(userDetails, null, userDetails.getAuthorities());

File src/java/com/mingidea/security/taobao/TaobaoUser.java

 package com.mingidea.security.taobao;
 
 public class TaobaoUser {
-	private String nick;
+    /** 昵称(如果该用户是子账号则为子账号,否则则与主账号相同) */
+    private String nickname;
+
 	private String appKey;
 	private String session;
 
-	public TaobaoUser(String nick, String appKey, String session) {
-		this.nick = nick;
+	public TaobaoUser(String nickname, String appKey, String session) {
+        this.nickname = nickname;
 		this.appKey = appKey;
 		this.session = session;
 	}
-	
-	public String getNick() {
-		return nick;
-	}
 
-	public void setNick(String nick) {
-		this.nick = nick;
-	}
+    public void setNickname(String nickname) {
+        this.nickname = nickname;
+    }
 
-	public String getAppKey() {
+    public String getNickname() {
+        return nickname;
+    }
+
+    public String getAppKey() {
 		return appKey;
 	}