| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

Last 100 entries

Re: Python's sad, unimaginative Enum; Re: Some explanation; Some explanation; Printing binary trees sideways; Atoms in python; About "Python's sad, unimaginative Enum"; Frustration Understood; Some good feedback here; this is fucking useless; I agree with you #nt; What would be imaginative?; Re: Enum; Enum; Python's sad, unimaginative Enum; Possible Fix; Work, Exhaustion, Vacation; VirtualBox with Centos 6.3 to 6.4, client; Matasano - Programming Lessons Learned; PDF to HTML; Alternate Substitution; Why RSA Works; Trigger; Dreaming of Death; Example: Tracing; Using Coroutines In Protocol Simulations; Python 3.3 Only; Pure Python SHA1 and MD4 Implementations; Ubuntu on VirtualBox; Starting TOR as a service on OpenSuse 12.3; 1001 Albums; Using fail2ban on OpenSuse 12.3; PPPoE on OpenSuse 12.3; Good Article on Unified Physics; It's Police (Carabineros); Linux Software for Listening to and Exploring Music; Android is Pretty Bad; Lucky Number; 3D Printing for Casting; Cover Art for MPDroid; Who'd a thought the French were so bigoted?; PS Input Signal; Small Problem with Roksan K2 Amp; Roksan K2 Amp + ATC SCM7 Speakers; Do What Makes Sense; Re: Arguing About Tests, Still; Arguing About Tests, Still; Images; Good Article on NY Drummers; Related Bug Report; Getting Python 3.3 and Virtualenv Working in OpenSuse 12.3; How I Am; Awesome video about digital audio; The Difference Between Dimensional and Normalized Databases; The rise of the new Chinese bogeyman; Updated Syntax; Very First Steps to C-ORM; The Ideal User Interface For Music Exploration; Can The Republicans Be Saved?; Rate Limiting Calls to EchoNest; Mods to Cache; Comparing UYKFG and UYKFD/E/F; Someone Else is Concerned; EchoNest-based Playlist Generator for MPD; Example Voting Results; A Heavyweight Python Cache; Identifying Artists with EchoNest; Notes on Pregalex / Pregabalina / Lyrica; The Neil Cowley Trio; Drake - Make for Data; A Reliable Python Web Service; Useful Python Date/Time Library?; Need to Sleep, But this is Good; Command Line Set Difference; Little Details...; Linux Command Line Tricks; AutoTools Tutorial; Hangman Tactics; A Tor Proxy Embedded In A Web Page; Tree (Nested Dicts) in Python; Sleeping at Parties; I Know Someone Who Hurts Other People; Light and Tea; Description of the LCS35 Time Capsule Crypto-Puzzle; Re: I can relate to that ...; I can relate to that ...; Re: It's 2012 Why Does My IDE Suck?; My Own Alternative Medicine; Nice explanation of SVM; Why and How Writing Crypto is Hard; Re: It's 2012 Why Does My IDE Suck?; Incremental Regular Expressions; BBC Map Confused at Pole; Social Media: Ground Zero in the Culture War; My Visit to the Psycho Doc; Learning Modern 3D Graphics Programming; Hope you got some crackers to go with the cheese; Re: But how easy would it be ...; But how easy would it be ...; Powerline Freq Fingerprinting of Audio; The Folly of Scientism; Cheese - Because You're Going to Die Anyway

© 2006-2013 Andrew Cooke (site) / post authors (content).

Session Limitation with Acegi

From: "andrew cooke" <andrew@...>

Date: Mon, 27 Feb 2006 14:44:16 -0300 (CLST) 

Sometimes it's useful to restrict a user a single session.  This
simplifies the logic needed to guarantee certain restrictions.

For example, I always want a user to have a minimum of one valid email
address.  With two parallel sessions and two valid emails a user could
delete one email in each session and I would need to verify consistency in
the database.  Restrictig to one session lets me implement the restriction
in the business logic.

However, the exact configuration was not obvious.  After some
experimentation the following seemed to work.

First, you need some way of detectig when sessions expire.  This is
largely automatic as long as you register the following in web.xml:

  <!-- used to track session events (single user session) -->
  <listener>
    <listener-class>org.acegisecurity.ui.\
      session.HttpSessionEventPublisher</listener-class>
  </listener>

I have all my authentication-related xml in web-authentication.xml (and
referenced via context-param in web.xml).  It includes:

  <bean id="authenticationManager"
    class="org.acegisecurity.providers.ProviderManager">
    <property name="sessionController" ref="singleSession"/>
    <property name="providers">
      ...
    </property>
  </bean>

  <bean id="sessionRegistry"
    class="org.acegisecurity.concurrent.SessionRegistryImpl"/>

  <bean id="singleSession"
    class="org.acegisecurity.concurrent.ConcurrentSessionControllerImpl">
    <property name="maximumSessions" value="1"/>
    <property name="exceptionIfMaximumExceeded" value="true"/>
    <property name="sessionRegistry" ref="sessionRegistry"/>
  </bean>

Which is all that is needed (I suspect sessionRegistry is supplied by
default anyway).

The way it seems to work is as follows:
- authenticationManager calls the appropriate provider
- if that succeeds, it calls sessionController
- sessionController applies the appropriate logic, using the information
  in sessionRegistry
- sessionRegistry is correct because of the event system (which includes
  the listener you registered).

Andrew

Session Limitation with Acegi blog post

From: "andrew cooke" <andrew@...>

Date: Fri, 10 Oct 2008 07:07:52 -0400 (CLT) 

---------------------------- Original Message ----------------------------
From:    "m zyzy" <myzyzy@...>
Date:    Thu, October 9, 2008 10:40 pm
--------------------------------------------------------------------------

First of all, I am new in spring and acegi , and I know the post is a bit
old, but I am stuck with acegi v1.0.4 - Spring security V2.0.4 -wait for
me-We'll meet in my next project..

why you dont use this filter below ? is there an explanation as why you
didnt use it?
<bean id="concurrentSessionFilter"
class="org.acegisecurity.concurrent.ConcurrentSessionFilter">
      <property name="sessionRegistry"> <ref bean="sessionRegistry"/>
</property>
      <property name="expiredUrl" value="/login.jsp"/>
    </bean>

I also use the same config xml code as you wrote in the blog post but with
the addition of above code and it's work fine for me (of course, with the
above code , I need to add the concurrentSessionFilter in the
filterChainProxy's filter sequence).

-Second as we both use the way that to prevent second login attempt at a
time in different machine/browser , how to show a text message in a jsp
page to indicate that the unsuccessful second logger of user he/she is
trying to log in to is in used already currently? How this can be done?

Thanks .

No Idea!

From: "andrew cooke" <andrew@...>

Date: Fri, 10 Oct 2008 07:14:33 -0400 (CLT) 

Hi,

No idea why I didn't use that - perhaps it wasn't around when I wrote the
code?  Perhaps I missed it?

Curiously, it's not mentioned at
http://www.acegisecurity.org/guide/springsecurity.html#concurrent-sessions
either.

I haven't used Acegi since this post, so I'm afraid I can't help more (but
thanks for posting - people do sometimes read this page, according to my
logs, so it will help them).

Cheers,
Andrew

Comment on this post