我已將Spring Security添加到我的應用程序中。我可以很好地登錄,但是當我點擊註銷後,我無法再次登錄。Spring Security - 單擊註銷後無法登錄
這裏是我的applicationContext-security.xml文件
<http auto-config="true" access-denied-page="/accessDenied.html">
<intercept-url pattern="/login.html*" filters="none"/>
<intercept-url pattern="/static/**" filters="none"/>
<intercept-url pattern="/**" access="ROLE_USER" />
<form-login login-page="/login.html"
authentication-failure-url="/login.html?login_error=1"
default-target-url="/search.html"/>
<logout logout-success-url="/login.html"/>
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
</http>
<!--
Usernames/Passwords are
rod/koala
-->
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_USER" />
</user-service>
這裏是我的登錄表單:
<form method="post" action="j_spring_security_check">
<table>
<tr>
<td><label for="j_username">Username:</label></td>
<td>
<input type="text" name="j_username" id="j_username" size="20" maxlength="50"
<c:if test="${not empty param.login_error}">
value="<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>"
</c:if>/>
</td>
</tr>
<tr>
<td><label for="j_password">Password:</label></td>
<td>
<input type="password" name="j_password" id="j_password" size="20" maxlength="50"/>
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="checkbox" name="_spring_security_remember_me"/> Remember me on this computer.
</td>
</tr>
<tr>
<td> </td>
<td>
<input type="submit" class="button-submit" name="submit" value="Login">
</td>
</tr>
</table>
而且我註銷鏈接點:/j_spring_security_logout
UPDATE:(二〇〇九年十月三十日09:44 EDT)
一些額外的信息,我啓用了DEBUG級別的日誌記錄,現在可以看到這個在我的控制檯:
09:42:14 DEBUG [http-8080-1] (AbstractProcessingFilter.java:412) - Authentication request failed: org.springframework.security.concurrent.ConcurrentLoginException: Maximum sessions of 1 for this principal exceeded
會看起來,這條線從我的applicationContext-security.xml文件有什麼用它做:
<concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true"/>
我不知道爲什麼,即使我已經登出,它認爲我已經exceede d會話的最大數量。
任何幫助表示感謝,謝謝!
-aj
這將是巨大的,如果誰投下來這個問題,可以添加評論... – 2009-11-13 15:56:04