Java Code Examples for org.springframework.security.core.session.SessionInformation#expireNow()
The following examples show how to use
org.springframework.security.core.session.SessionInformation#expireNow() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: UserOnlineResource.java From albedo with GNU Lesser General Public License v3.0 | 6 votes |
|
@PreAuthorize("@pms.hasPermission('sys_userOnline_logout')")
@Log(value = "在线用户强退")
@PutMapping("/batch-force-logout")
public Result batchForceLogout(@RequestBody Set<String> ids, HttpServletRequest request) {
for (String id : ids) {
UserOnline online = userOnlineService.getById(id);
if (online == null) {
return Result.buildFail("用户已下线");
}
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(online.getSessionId());
if (sessionInformation != null) {
if (sessionInformation.getSessionId().equals(request.getSession(false).getId())) {
return Result.buildFail("当前登陆用户无法强退");
}
sessionInformation.expireNow();
redisTemplate.boundHashOps(RedisSessionRegistry.SESSIONIDS).put(online.getSessionId(), sessionInformation);
}
online.setStatus(OnlineStatus.off_line);
userOnlineService.updateById(online);
}
return Result.buildOk("操作成功");
}
Example 2
| Source File: UserOnlineResource.java From albedo with GNU Lesser General Public License v3.0 | 6 votes |
|
@PreAuthorize("@pms.hasPermission('sys_userOnline_del')")
@Log(value = "在线用户删除")
@DeleteMapping
public Result remove(@RequestBody Set<String> ids, HttpServletRequest request) {
for (String id : ids) {
UserOnline online = userOnlineService.getById(id);
if (online == null) {
return Result.buildFail("用户已下线");
}
try {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(online.getSessionId());
if (sessionInformation != null) {
if (sessionInformation.getSessionId().equals(request.getSession(false).getId())) {
return Result.buildFail("当前登陆用户无法删除");
}
sessionInformation.expireNow();
redisTemplate.boundHashOps(RedisSessionRegistry.SESSIONIDS).put(online.getSessionId(), sessionInformation);
}
} catch (Exception e) {
}
sessionRegistry.removeSessionInformation(online.getSessionId());
userOnlineService.removeById(online);
}
return Result.buildOk("操作成功");
}
Example 3
| Source File: SpringSessionBackedSessionRegistryTest.java From spring-session with Apache License 2.0 | 6 votes |
|
@Test
void expireNow() {
Session session = createSession(SESSION_ID, USER_NAME, NOW);
when(this.sessionRepository.findById(SESSION_ID)).thenReturn(session);
SessionInformation sessionInfo = this.sessionRegistry.getSessionInformation(SESSION_ID);
assertThat(sessionInfo.isExpired()).isFalse();
sessionInfo.expireNow();
assertThat(sessionInfo.isExpired()).isTrue();
ArgumentCaptor<Session> captor = ArgumentCaptor.forClass(Session.class);
verify(this.sessionRepository).save(captor.capture());
assertThat(captor.getValue().<Boolean>getAttribute(SpringSessionBackedSessionInformation.EXPIRED_ATTR))
.isEqualTo(Boolean.TRUE);
}
Example 4
| Source File: SessionController.java From cola with MIT License | 5 votes |
|
@PostMapping("/revoke")
public ResponseEntity<String> revoke(Principal principal) {
sessionRegistry.getAllPrincipals();
List<SessionInformation> sessionInformations = sessionRegistry
.getAllSessions(principal, false);
for (SessionInformation sessionInformation : sessionInformations) {
sessionInformation.expireNow();
sessionRegistry.removeSessionInformation(sessionInformation
.getSessionId());
}
return ResponseEntity.ok().build();
}
Example 5
| Source File: LogoutHandlerConfig.java From base-admin with MIT License | 5 votes |
|
@Override
public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
//剔除退出用户
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
if (principal !=null){
List<SessionInformation> allSessions = sessionRegistry.getAllSessions(principal, false);
if (allSessions != null) {
for (SessionInformation sessionInformation : allSessions) {
sessionInformation.expireNow();
sessionRegistry.removeSessionInformation(sessionInformation.getSessionId());
}
}
}
}
Example 6
| Source File: LoginController.java From blog-sample with Apache License 2.0 | 5 votes |
|
@GetMapping("/kick")
@ResponseBody
public String removeUserSessionByUsername(@RequestParam String username) {
int count = 0;
// 获取session中所有的用户信息
List<Object> users = sessionRegistry.getAllPrincipals();
for (Object principal : users) {
if (principal instanceof User) {
String principalName = ((User) principal).getUsername();
if (principalName.equals(username)) {
/*
* 获取指定用户所有的 session 信息
* 参数二:是否包含过期的Session
*/
List<SessionInformation> sessionsInfo = sessionRegistry.getAllSessions(principal, false);
if (null != sessionsInfo && sessionsInfo.size() > 0) {
for (SessionInformation sessionInformation : sessionsInfo) {
sessionInformation.expireNow();
count++;
}
}
}
}
}
return "操作成功,清理session共" + count + "个";
}
Example 7
| Source File: LoginController.java From blog-sample with Apache License 2.0 | 5 votes |
|
@GetMapping("/kick")
@ResponseBody
public String removeUserSessionByUsername(@RequestParam String username) {
int count = 0;
// 获取session中所有的用户信息
List<Object> users = sessionRegistry.getAllPrincipals();
for (Object principal : users) {
if (principal instanceof User) {
String principalName = ((User) principal).getUsername();
if (principalName.equals(username)) {
/*
* 获取指定用户所有的 session 信息
* 参数二:是否包含过期的Session
*/
List<SessionInformation> sessionsInfo = sessionRegistry.getAllSessions(principal, false);
if (null != sessionsInfo && sessionsInfo.size() > 0) {
for (SessionInformation sessionInformation : sessionsInfo) {
sessionInformation.expireNow();
count++;
}
}
}
}
}
return "操作成功,清理session共" + count + "个";
}
Example 8
| Source File: ApiController.java From blog-sample with Apache License 2.0 | 5 votes |
|
/**
* 踢出指定用户
* todo: 还需要清理持久化表,不然无法踢出自动登陆用户,我就不做了
*/
@PostMapping("/kick")
public ResultMap removeUserSessionByUsername(String username) {
int count = 0;
// 获取session中所有的用户信息
List<Object> users = sessionRegistry.getAllPrincipals();
for (Object principal : users) {
if (principal instanceof User) {
String principalName = ((User) principal).getUsername();
if (principalName.equals(username)) {
/*
* 获取指定用户所有的 session 信息
* 参数二:是否包含过期的Session
*/
List<SessionInformation> sessionsInfo = sessionRegistry.getAllSessions(principal, false);
if (null != sessionsInfo && sessionsInfo.size() > 0) {
for (SessionInformation sessionInformation : sessionsInfo) {
sessionInformation.expireNow();
count++;
}
}
}
}
}
return new ResultMap(getClass() + ":removeUserSessionByUsername()", "操作成功,清理session共" + count + "个");
}
Example 9
| Source File: ApiController.java From blog-sample with Apache License 2.0 | 5 votes |
|
/**
* 踢出指定用户
* todo: 还需要清理持久化表,不然无法踢出自动登陆用户,我就不做了
*/
@PostMapping("/kick")
public ResultMap removeUserSessionByUsername(String username) {
int count = 0;
// 获取session中所有的用户信息
List<Object> users = sessionRegistry.getAllPrincipals();
for (Object principal : users) {
if (principal instanceof User) {
String principalName = ((User) principal).getUsername();
if (principalName.equals(username)) {
/*
* 获取指定用户所有的 session 信息
* 参数二:是否包含过期的Session
*/
List<SessionInformation> sessionsInfo = sessionRegistry.getAllSessions(principal, false);
if (null != sessionsInfo && sessionsInfo.size() > 0) {
for (SessionInformation sessionInformation : sessionsInfo) {
sessionInformation.expireNow();
count++;
}
}
}
}
}
return new ResultMap(getClass() + ":removeUserSessionByUsername()", "操作成功,清理session共" + count + "个");
}
Example 10
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@DeleteMapping(value="/user/sessions/{sessionId}")
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
Example 11
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@RequestMapping(value="/user/sessions/{sessionId}", method = RequestMethod.DELETE)
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
Example 12
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@DeleteMapping(value="/user/sessions/{sessionId}")
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
Example 13
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@DeleteMapping(value="/user/sessions/{sessionId}")
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
Example 14
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@RequestMapping(value="/user/sessions/{sessionId}", method = RequestMethod.DELETE)
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
Example 15
| Source File: UserSessionController.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
@DeleteMapping(value="/user/sessions/{sessionId}")
public String removeSession(@PathVariable String sessionId, RedirectAttributes redirectAttrs) {
SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
if(sessionInformation != null) {
sessionInformation.expireNow();
}
redirectAttrs.addFlashAttribute("message", "Session was removed");
return "redirect:/user/sessions/";
}
