Spring security 3.1 : session concurrency control not working, why?

后端 未结 1 416
野趣味
野趣味 2021-01-13 09:39

I\'m trying to use security concurent session with spring security 3.1.4. But it\'s not working i don\'t understand why. Tomcat https is configured to redirect http request

1条回答
  •  伪装坚强ぢ
    2021-01-13 10:08

    You have a custom principal object (of type com.clb.genomic.lyon.model.User) which will be used as the SessionRegistry key. The most likely reason for what you're seeing is that you haven't implemented hashcode and equals for this class and thus the registry doesn't know that the two instances are for the same principal.

    The best way to do this without causing any problems is to implement the methods using the username as the only data (see the default User object for an example).

    You should probably also implement toString to at least output the username as it will make reading debug logs easier.

    0 讨论(0)
提交回复
热议问题