Tomcat7でSpring 3.2とSpring-security 3.1をjsf + primefacesとhibernate4とともに使用しています
ユーザーのセッションを 1 つに制限する同時実行制御を追加し、2 回目にログインしようとするとエラー メッセージを表示したいと考えていました。問題は。ChromeとFirefoxの両方にログインできます。複数のログインを防止するものではありません。私のセキュリティ設定を見ることができます。また、初回ログイン時と 2 回目ログイン時に生成されるログ 何が問題なのですか?
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http pattern="/resources/**" security="none" />
<security:http pattern="/authentication/**" security="none" />
<security:http auto-config='true'
access-decision-manager-ref="accessDecisionManager">
<security:intercept-url pattern="/pages/**"
access="PRV_LOGIN" />
<security:access-denied-handler
error-page="/error/error.jsf" />
<security:logout logout-success-url="/" logout-url="/logout"
delete-cookies="JSESSIONID" />
<security:form-login login-page='/login'
login-processing-url="/logincheck" default-target-url="/home"
always-use-default-target="true" />
<security:session-management
invalid-session-url="/login">
<security:concurrency-control
error-if-maximum-exceeded="true" max-sessions="1" expired-url="/login"
session-registry-ref="sessionRegistry" />
</security:session-management>
</security:http>
<security:authentication-manager>
<security:authentication-provider
user-service-ref="userSessionDetailsUtil">
<security:password-encoder ref="passwordEncoderUtil">
<security:salt-source user-property="username" />
</security:password-encoder>
</security:authentication-provider>
</security:authentication-manager>
<!-- Security(Authentication, Encoding) implementations -->
<bean id="userSessionDetailsUtil" class="com.i2i.copycat.service.util.UserSessionDetailsUtil">
</bean>
<bean id="passwordEncoderUtil" class="com.i2i.copycat.service.util.PasswordEncoderUtil">
<property name="passwordEncoder" ref="springShaPasswordEncoder"></property>
</bean>
<!-- Spring Security's sha capable password encoder -->
<bean id="springShaPasswordEncoder"
class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
<constructor-arg value="256" />
</bean>
<!-- Custom Privilege Names to be accepted -->
<bean id="accessDecisionManager"
class="org.springframework.security.access.vote.AffirmativeBased">
<property name="decisionVoters">
<bean class="org.springframework.security.access.vote.RoleVoter">
<property name="rolePrefix" value="PRV_" />
</bean>
</property>
</bean>
<!-- Concurrent Session Control Beans -->
<bean id="sessionRegistry"
class="org.springframework.security.core.session.SessionRegistryImpl" />
初回ログイン
2012-06-16 13:18:22,325 231156 [080-exec-9] DEBUG ..hibernate.internal.SessionImpl - Opened session at timestamp: 5487992431767552
2012-06-16 13:18:22,342 231173 [080-exec-9] DEBUG ..jdbc.internal.LogicalConnectionImpl - Obtaining JDBC connection
2012-06-16 13:18:22,343 231174 [080-exec-9] DEBUG ..jdbc.internal.LogicalConnectionImpl - Obtained JDBC connection
2012-06-16 13:18:22,343 231174 [080-exec-9] DEBUG ..transaction.spi.AbstractTransactionImpl - begin
2012-06-16 13:18:22,343 231174 [080-exec-9] DEBUG ..internal.jdbc.JdbcTransaction - initial autocommit status: true
2012-06-16 13:18:22,343 231174 [080-exec-9] DEBUG ..internal.jdbc.JdbcTransaction - disabling autocommit
2012-06-16 13:18:22,346 231177 [080-exec-9] DEBUG ..service.util.UserSessionDetailsUtil - Loading user by name[admin]
2012-06-16 13:18:22,347 231178 [080-exec-9] DEBUG ..copycat.domain.User - [User][Operation:getMatchingUnique() ][Session:1630011351][Transaction:151891478]User
2012-06-16 13:18:22,351 231182 [080-exec-9] DEBUG ..copycat.domain.User - [User][Operation:addRestrictionToCriteria() ][Session:1630011351][Transaction:151891478]User
2012-06-16 13:18:22,497 231328 [080-exec-9] DEBUG ..org.hibernate.SQL -
2012-06-16 13:18:22,546 231377 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:18:22,552 231383 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.User#2]
2012-06-16 13:18:22,563 231394 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.User#2]
2012-06-16 13:18:22,567 231398 [080-exec-9] DEBUG ..hibernate.loader.Loader - Loading entity: [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:18:22,567 231398 [080-exec-9] DEBUG ..org.hibernate.SQL
2012-06-16 13:18:22,568 231399 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:18:22,568 231399 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:18:22,569 231400 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:18:22,577 231408 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:18:22,585 231416 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:18:22,585 231416 [080-exec-9] DEBUG ..hibernate.loader.Loader - Done entity load
2012-06-16 13:18:22,586 231417 [080-exec-9] DEBUG ..hibernate.loader.Loader - Loading entity: [com.i2i.copycat.domain.Group#1]
2012-06-16 13:18:22,586 231417 [080-exec-9] DEBUG ..org.hibernate.SQL -
2012-06-16 13:18:22,588 231419 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:18:22,588 231419 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.Group#1]
2012-06-16 13:18:22,590 231421 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.Group#1]
2012-06-16 13:18:22,592 231423 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.Group#1]
2012-06-16 13:18:22,597 231428 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.Group#1]
2012-06-16 13:18:22,597 231428 [080-exec-9] DEBUG ..hibernate.loader.Loader - Done entity load
2012-06-16 13:18:22,597 231428 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.User#2]
2012-06-16 13:18:22,597 231428 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.User#2]
2012-06-16 13:18:22,597 231428 [080-exec-9] DEBUG ..engine.internal.StatefulPersistenceContext - Initializing non-lazy collections
2012-06-16 13:18:22,602 231433 [080-exec-9] DEBUG ..service.bean.CopycatUserDetails - [getPrivileges() ][User:[Sk: 2][Name: ADMIN][UserType:[Code: SYS][Type: SYSTEM]][Group:[Sk: 1][Name: SYSTEM_ADMIN]]]
2012-06-16 13:18:22,604 231435 [080-exec-9] DEBUG ..hibernate.loader.Loader - Loading collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:18:22,605 231436 [080-exec-9] DEBUG ..org.hibernate.SQL
2012-06-16 13:18:22,606 231437 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result set contains (possibly empty) collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:18:22,611 231442 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:18:22,611 231442 [080-exec-9] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:18:22,612 231443 [080-exec-9] DEBUG ..hibernate.loader.Loader - Found row of collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:18:22,613 231444 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:18:22,613 231444 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:18:22,613 231444 [080-exec-9] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:18:22,614 231445 [080-exec-9] DEBUG ..loading.internal.CollectionLoadContext - 1 collections were found in result set for role: com.i2i.copycat.domain.User.privileges
2012-06-16 13:18:22,614 231445 [080-exec-9] DEBUG ..loading.internal.CollectionLoadContext - Collection fully initialized: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:18:22,614 231445 [080-exec-9] DEBUG ..loading.internal.CollectionLoadContext - 1 collections initialized for role: com.i2i.copycat.domain.User.privileges
2012-06-16 13:18:22,614 231445 [080-exec-9] DEBUG ..engine.internal.StatefulPersistenceContext - Initializing non-lazy collections
2012-06-16 13:18:22,614 231445 [080-exec-9] DEBUG ..hibernate.loader.Loader - Done loading collection
2012-06-16 13:18:22,615 231446 [080-exec-9] DEBUG ..service.bean.CopycatUserDetails - [getPrivileges() ]...[DONE]
2012-06-16 13:18:22,615 231446 [080-exec-9] DEBUG ..transaction.spi.AbstractTransactionImpl - committing
2012-06-16 13:18:22,617 231448 [080-exec-9] DEBUG ..internal.jdbc.JdbcTransaction - committed JDBC Connection
2012-06-16 13:18:22,617 231448 [080-exec-9] DEBUG ..internal.jdbc.JdbcTransaction - re-enabling autocommit
2012-06-16 13:18:22,618 231449 [080-exec-9] DEBUG ..jdbc.internal.LogicalConnectionImpl - Releasing JDBC connection
2012-06-16 13:18:22,619 231450 [080-exec-9] DEBUG ..jdbc.internal.LogicalConnectionImpl - Released JDBC connection
2012-06-16 13:18:22,619 231450 [080-exec-9] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:18:22,619 231450 [080-exec-9] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:18:22,619 231450 [080-exec-9] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:18:22,619 231450 [080-exec-9] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2回目のログイン
2012-06-16 13:21:38,352 427183 [080-exec-7] DEBUG ..hibernate.internal.SessionImpl - Opened session at timestamp: 5487993234845696
2012-06-16 13:21:38,354 427185 [080-exec-7] DEBUG ..jdbc.internal.LogicalConnectionImpl - Obtaining JDBC connection
2012-06-16 13:21:38,354 427185 [080-exec-7] DEBUG ..jdbc.internal.LogicalConnectionImpl - Obtained JDBC connection
2012-06-16 13:21:38,354 427185 [080-exec-7] DEBUG ..transaction.spi.AbstractTransactionImpl - begin
2012-06-16 13:21:38,355 427186 [080-exec-7] DEBUG ..internal.jdbc.JdbcTransaction - initial autocommit status: true
2012-06-16 13:21:38,355 427186 [080-exec-7] DEBUG ..internal.jdbc.JdbcTransaction - disabling autocommit
2012-06-16 13:21:38,355 427186 [080-exec-7] DEBUG ..service.util.UserSessionDetailsUtil - Loading user by name[admin]
2012-06-16 13:21:38,356 427187 [080-exec-7] DEBUG ..copycat.domain.User - [User][Operation:getMatchingUnique() ][Session:2031763761][Transaction:716060180]User
2012-06-16 13:21:38,356 427187 [080-exec-7] DEBUG ..copycat.domain.User - [User][Operation:addRestrictionToCriteria() ][Session:2031763761][Transaction:716060180]User
2012-06-16 13:21:38,357 427188 [080-exec-7] DEBUG ..org.hibernate.SQL -
2012-06-16 13:21:38,365 427196 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:21:38,365 427196 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.User#2]
2012-06-16 13:21:38,366 427197 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.User#2]
2012-06-16 13:21:38,367 427198 [080-exec-7] DEBUG ..hibernate.loader.Loader - Loading entity: [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:21:38,368 427199 [080-exec-7] DEBUG ..org.hibernate.SQL -
2012-06-16 13:21:38,369 427200 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:21:38,370 427201 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:21:38,370 427201 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:21:38,370 427201 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:21:38,371 427202 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.UserType#SYS]
2012-06-16 13:21:38,371 427202 [080-exec-7] DEBUG ..hibernate.loader.Loader - Done entity load
2012-06-16 13:21:38,371 427202 [080-exec-7] DEBUG ..hibernate.loader.Loader - Loading entity: [com.i2i.copycat.domain.Group#1]
2012-06-16 13:21:38,372 427203 [080-exec-7] DEBUG ..org.hibernate.SQL -
2012-06-16 13:21:38,373 427204 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:21:38,374 427205 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.Group#1]
2012-06-16 13:21:38,374 427205 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.Group#1]
2012-06-16 13:21:38,375 427206 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.Group#1]
2012-06-16 13:21:38,375 427206 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.Group#1]
2012-06-16 13:21:38,375 427206 [080-exec-7] DEBUG ..hibernate.loader.Loader - Done entity load
2012-06-16 13:21:38,376 427207 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.User#2]
2012-06-16 13:21:38,376 427207 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.User#2]
2012-06-16 13:21:38,376 427207 [080-exec-7] DEBUG ..engine.internal.StatefulPersistenceContext - Initializing non-lazy collections
2012-06-16 13:21:38,377 427208 [080-exec-7] DEBUG ..service.bean.CopycatUserDetails - [getPrivileges() ][User:[Sk: 2][Name: ADMIN][UserType:[Code: SYS][Type: SYSTEM]][Group:[Sk: 1][Name: SYSTEM_ADMIN]]]
2012-06-16 13:21:38,377 427208 [080-exec-7] DEBUG ..hibernate.loader.Loader - Loading collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:21:38,377 427208 [080-exec-7] DEBUG ..org.hibernate.SQL -
2012-06-16 13:21:38,379 427210 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result set contains (possibly empty) collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:21:38,379 427210 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result set row: 0
2012-06-16 13:21:38,380 427211 [080-exec-7] DEBUG ..hibernate.loader.Loader - Result row: EntityKey[com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:21:38,380 427211 [080-exec-7] DEBUG ..hibernate.loader.Loader - Found row of collection: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:21:38,383 427214 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Resolving associations for [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:21:38,383 427214 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Adding entity to second-level cache: [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:21:38,384 427215 [080-exec-7] DEBUG ..engine.internal.TwoPhaseLoad - Done materializing entity [com.i2i.copycat.domain.Privilege#LOGIN]
2012-06-16 13:21:38,384 427215 [080-exec-7] DEBUG ..loading.internal.CollectionLoadContext - 1 collections were found in result set for role: com.i2i.copycat.domain.User.privileges
2012-06-16 13:21:38,384 427215 [080-exec-7] DEBUG ..loading.internal.CollectionLoadContext - Collection fully initialized: [com.i2i.copycat.domain.User.privileges#2]
2012-06-16 13:21:38,384 427215 [080-exec-7] DEBUG ..loading.internal.CollectionLoadContext - 1 collections initialized for role: com.i2i.copycat.domain.User.privileges
2012-06-16 13:21:38,385 427216 [080-exec-7] DEBUG ..engine.internal.StatefulPersistenceContext - Initializing non-lazy collections
2012-06-16 13:21:38,385 427216 [080-exec-7] DEBUG ..hibernate.loader.Loader - Done loading collection
2012-06-16 13:21:38,385 427216 [080-exec-7] DEBUG ..service.bean.CopycatUserDetails - [getPrivileges() ]...[DONE]
2012-06-16 13:21:38,385 427216 [080-exec-7] DEBUG ..transaction.spi.AbstractTransactionImpl - committing
2012-06-16 13:21:38,385 427216 [080-exec-7] DEBUG ..internal.jdbc.JdbcTransaction - committed JDBC Connection
2012-06-16 13:21:38,386 427217 [080-exec-7] DEBUG ..internal.jdbc.JdbcTransaction - re-enabling autocommit
2012-06-16 13:21:38,386 427217 [080-exec-7] DEBUG ..jdbc.internal.LogicalConnectionImpl - Releasing JDBC connection
2012-06-16 13:21:38,386 427217 [080-exec-7] DEBUG ..jdbc.internal.LogicalConnectionImpl - Released JDBC connection
2012-06-16 13:21:38,387 427218 [080-exec-7] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:21:38,387 427218 [080-exec-7] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:21:38,387 427218 [080-exec-7] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection
2012-06-16 13:21:38,387 427218 [080-exec-7] DEBUG ..internal.proxy.ConnectionProxyHandler - HHH000163: Logical connection releasing its physical connection