I'm working with Spring Security 5.6.0 and OAuth 2.0 authentication. I'm trying to limit the concurrent sessions for each user to one. After some tries, I managed to write this code:
@Override
protected void configure(HttpSecurity http) throws Exception {
http
[...]
.sessionManagement()
.sessionFixation().migrateSession()
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.invalidSessionUrl("/expired")
.maximumSessions(1)
.maxSessionsPreventsLogin(true)
.sessionRegistry(sessionRegistry());
with
@Bean
public SessionRegistry sessionRegistry() {
SessionRegistry sessionRegistry = new SessionRegistryImpl();
return sessionRegistry;
}
@Bean
public HttpSessionEventPublisher httpSessionEventPublisher() {
return new HttpSessionEventPublisher();
}
Yet, this doesn't work for some reason, letting two different browsers make API calls with the same user logged in. Any suggestions?
Firebase Cloud Functions: PubSub, "res.on is not a function"
TypeError: Cannot read properties of undefined (reading 'createMessageComponentCollector')
I am using Quarkus Mailer and Quarkus Template to create an endpoint that will be responsible just for sending emailsFor now it just receives the subject, body and the emails that the email should be sent to
Is it possible to change a keystore alias' password without having the oldI do have the keystore's password and the alias name
I developed an Apache Camel application and I want to deploy it to wildflyFrom this guide https://wildfly-extras
My standard configuration of Tomcat 85 splits the logs into