Hello Ippez, I have been trying to use Spring Security to implement this functionality, but have not been successful at it yet. I shall look into your solution today and work on it. Will post here if I can come up with a working solution.
On Fri, May 12, 2017 at 2:00 AM, Ippez Robert <[email protected]> wrote: > Hi Usman Khaliq, > > Have you got a solution for thjs based on what i shared with you? Please > shares. > > Thanks > Regards > Ippez Robert > > On Wed, May 10, 2017 at 4:30 PM, Ippez Robert <[email protected]> > wrote: > > > Hi i was hoping to implement this as here but some how got lost. What i > > wanted to do is to prevent users from login in multiple devices/computers > > by adding a column is_logged_in to m_appuser table so when a user tries > to > > login and if his credentials are correct, but is logged in another > computer > > he is rejected from loggin in. and notified in the community-app that he > is > > logged in another device. he should log out from there and try again. > > > > I tried to test what i have done and here is how it behaves... a user > > login and the value of is_logged_in is set to 1. Which is correct but > now > > what i want is to have a check for is_logged_in value before a user if > > fully authenticated. Thats my challenge. > > > > Here is my code snippet, please make some tweak and if it works, then > > share back. > > > > The commit is here https://github.com/Ippezrobert/incubator- > > fineract/commit/c49280aa8ec6659e0133004787c6e11919854dd6 > > <https://www.google.com/url?q=https%3A%2F%2Fgithub.com% > 2FIppezrobert%2Fincubator-fineract%2Fcommit%2Fc49280aa8ec6659e0133004787c6 > e11919854dd6&sa=D&sntz=1&usg=AFQjCNEk9TnHtXAWmlwD1sLgyCIy763D1g> > > > > Thanks > > Regards > > > > On Wed, May 10, 2017 at 4:23 PM, Usman Khaliq <[email protected]> > > wrote: > > > >> Hi everyone, > >> > >> I have written the following code in the infrastructure/core/boot > >> directory > >> to set the number of concurrent user sessions at 1: > >> > >> @EnableWebSecurity > >> @Configuration > >> public class WebSecurityConfig extends WebSecurityConfigurerAdapter { > >> > >> @Override > >> protected void configure(HttpSecurity http) throws Exception { > >> http > >> .authorizeRequests() > >> .anyRequest() > >> .authenticated() > >> .and() > >> .sessionManagement() > >> .maximumSessions(1) > >> .maxSessionsPreventsLogin(true) > >> .sessionRegistry(sessionRegistry()); > >> } > >> > >> // Work around https://jira.spring.io/browse/SEC-2855 > >> @Bean > >> public SessionRegistry sessionRegistry() { > >> SessionRegistry sessionRegistry = new SessionRegistryImpl(); > >> return sessionRegistry; > >> } > >> > >> @Autowired > >> public void configureGlobal(AuthenticationManagerBuilder auth) > throws > >> Exception { > >> auth > >> .inMemoryAuthentication() > >> .withUser("mifos").password("p > >> assword").roles("USER"); > >> } > >> > >> // Register HttpSessionEventPublisher > >> @Bean > >> public static ServletListenerRegistrationBean > >> httpSessionEventPublisher() { > >> return new ServletListenerRegistrationBean(new > >> HttpSessionEventPublisher()); > >> } > >> } > >> > >> I have also registered the Spring Security filter created above in the > >> AbstractSecurityWebApplicationInitializer in the > infrastructure/core/boot > >> directory as follows: > >> > >> public class SecurityWebApplicationInitializer > >> extends AbstractSecurityWebApplicationInitializer { > >> protected Class<?>[] getRootConfigClasses() { > >> return new Class[] { WebSecurityConfig.class }; > >> } > >> } > >> However, I am still able to log into multiple browser sessions from my > >> machine. Any advise on what I am doing wrong with my code? Thanks in > >> advance. > >> > >> -- > >> Kind Regards > >> Usman Khaliq > >> Programmer and R&D Lead > >> iDT Labs > >> 5 Foday Drive,Regent Road,Hill Station > >> Freetown,Sierra Leone > >> Tel: +92334 3777 059/ + 232 77 775 775 > >> Skype: usman.khaliq > >> Website:www.idtlabs.sl > >> > > > > > > > > -- > > Ippez Roberts > > Director & Founder - Skyline Technologies Uganda > > "IT Consultants & Engineers" > > P.O.Box 155, Moyo > > UGANDA. > > Tel: +256788725408 <+256%20788%20725408>/789643284 > > Skype ID: ippez.robert1 > > Email: [email protected] > > > > > > -- > Ippez Roberts > Director & Founder - Skyline Technologies Uganda > "IT Consultants & Engineers" > P.O.Box 155, Moyo > UGANDA. > Tel: +256788725408/789643284 > Skype ID: ippez.robert1 > Email: [email protected] > -- Kind Regards Usman Khaliq Programmer and R&D Lead iDT Labs 5 Foday Drive,Regent Road,Hill Station Freetown,Sierra Leone Tel: +92334 3777 059/ + 232 77 772 772 Skype: usman.khaliq Website:www.idtlabs.sl
