aspose file tools*
The moose likes Spring and the fly likes Spring security and session management without using spring MVC module Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring security and session management without using spring MVC module" Watch "Spring security and session management without using spring MVC module" New topic
Author

Spring security and session management without using spring MVC module

Nagbhushan Menasigi
Greenhorn

Joined: Apr 08, 2011
Posts: 1
Hi,

M currently working on spring 2.5 for security puposes. My question is how to maintain or monitor a session through spring-config.xml or spring-security.xml. I want step by step procedure. Following are the objectives I want to achieve:

1. Traditional session time out after specified amount of time.
2. Invalide session and redirect to specifed url.
3. Not more that 1 user can login with same user name i.e concurrency control.

Note: I am not using Spring MVC module and we are using Struts 2.0 so, just for request dispatching we are using session oject of servlet. To transfer the data but to control the overall sesison I want to use springconfig.xml.


Thanks !
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17256
    
    6

Nagbhushan Menasigi wrote:Hi,

M currently working on spring 2.5 for security puposes. My question is how to maintain or monitor a session through spring-config.xml or spring-security.xml. I want step by step procedure. Following are the objectives I want to achieve:

1. Traditional session time out after specified amount of time.
2. Invalide session and redirect to specifed url.
3. Not more that 1 user can login with same user name i.e concurrency control.

Note: I am not using Spring MVC module and we are using Struts 2.0 so, just for request dispatching we are using session oject of servlet. To transfer the data but to control the overall sesison I want to use springconfig.xml.


Thanks !


You would do the exact same thing. Are you using the Spring integration with Struts 2?

You make a security configuration using the security namespace and then secure your url with <security:url-intercept> There are tags and attributes within that namespaces to set things about your session. I am not sure about #3 though.

You can look at the Spring Security documentation on securing web pages.

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring security and session management without using spring MVC module