Posted on 2011-01-10 12:03
asdtiang 阅读(705)
评论(0) 编辑 收藏 所属分类:
grails study
主要参考文档:
http://grails.1312388.n4.nabble.com/Information-about-all-logged-in-users-with-Acegi-or-SpringSecurity-in-Grails-td1372911.html
根据文档,基本操作翻译如下:(注意只统计在线用户,也就是登录的用户)
在SecurityConfig中设置 useHttpSessionEventPublisher 为true,
// HttpSessionEventPublisher
useHttpSessionEventPublisher = true
这样不用更改web.xml文件
resources.groovy:文件增加以下bean:
beans = {
sessionRegistry(org.springframework.security.concurrent.SessionRegistryImpl)
sessionController(org.springframework.security.concurrent.ConcurrentSessionControllerImpl) {
maximumSessions = -1 //表示同一个账户可以多次登录,但只计一个在线用户
sessionRegistry = ref('sessionRegistry')
}
}
BootStap对应增加以下内容:
class BootStrap {
def authenticationManager
def sessionController
def init = { servletContext ->
authenticationManager.sessionController = sessionController
}
def destroy = {}
}
测试
class OnlineController {
def sessionRegistry
def test={
render sessionRegistry.getAllPrincipals().length
}
}
主要类的文档:
ConcurrentSessionControllerImpl:
http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/org/springframework/security/concurrent/ConcurrentSessionControllerImpl.html
SessionRegistryImpl:
http://static.springsource.org/spring-security/site/docs/2.0.x/apidocs/org/springframework/security/concurrent/SessionRegistryImpl.html
天苍苍,野茫茫,风吹草底见牛羊