Cactus Thinking

by 丑鑫鑫

如果系统是采用acegi security,你不需要另外编写额外的代码来满足这个需求，硬生生的写个Listener,Filter去监听或者拦截session，实现这个功能不叫重造轮子，应该叫做用别人的轮子重造轮胎

采用Acegi 的系统限制同一用户同一时间只能一次登录系统步骤如下：

1.改写web.xml加入如下的语句

<listener>
<listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
</listener>

这个监听器用来监听session生命期的事件

2.在acegi相关的spring bean配置文件加入：

<bean id=“authenticationManager” class=“org.acegisecurity.providers.ProviderManager”>
<property name=“providers”>
<!– your providers go here –>
</property>

<property name=“sessionController”><ref bean=“concurrentSessionController”/></property>
</bean>

<bean id=“concurrentSessionController” class=“org.acegisecurity.concurrent.ConcurrentSessionControllerImpl”>

<property name=“maximumSessions”><value>1</value></property>
<property name=“sessionRegistry”><ref local=“sessionRegistry”/></property>
</bean>

<bean id=“sessionRegistry” class=“org.acegisecurity.concurrent.SessionRegistryImpl”/>

执行的过程为用户couxinxin登录到系统，在另一台机器上couxinxin这个用户又登录到系统，那么前一个用户couxinxin的Session将被后者冲掉（踢掉）

搞定Over !

必须要使用acegi1.0.6及其以后的版本，不然会报出
java.lang.IllegalArgumentException: Authentication.getDetails() required
这是版本1.0.5的bug
描述为：

If concurrent session control is used with an authentication provider which doesn’t copy the authentication details object to the successful authentication (e.g. CasAuthenticationProvider) then the check with the concurrent session controller on whether access is allowed takes place before the copyDetails method of AbstractAuthenticationManager is called. This isn’t a problem with classes which extend AbstractUserDetailsAuthenticationProvider, as it copies the authentication details object itself.

The copyDetails method should probably be pulled down into ProviderManager and called before checkAuthenticationAllowed() is called. This will ensure that the details object is available even if the provider doesn’t set it.

It’s also not clear that we really need an AbstractAuthenticationManager at all, given how little there is in there.

参见：http://jira.springframework.org/browse/SEC-618

ps： blogger 的xml排版有点难看，呵呵

admin Java世界 acegi, Java世界, security

Some projects such as JBoss Web Services, JBoss ESB, and JBoss Rules use Subversion for their source code repositories. We have multiple svn repositories:

NOTE: THE URLs here are NOT YET READY for JBoss Rules, please do not use them at this time.

Anonymous Access is provided by the following url:

http://anonsvn.jboss.org/repos/

Committer Access is provided by:

https://svn.jboss.org/repos/

Note that the anonymous repository is a mirror of the committer repository that is synched every 5 minutes.

Committers will be prompted for their jboss.com id and password. There are no public and private keys for these repositories. All encryption is done via https. Each project maintains its own list of committers and there is directory level access controls in place.

Committer access requires agreement to one of the following contributor agreements:

… …

http://anonsvn.jboss.org/repos/中列出的项目里面没有jBPM,但是我们发现JBoss Portal的地址是http://anonsvn.jboss.org/repos/portal/ 通过猜测可以的到jbpm的SVN库地址为

http://anonsvn.jboss.org/repos/jbpm/

(+_+)#

admin Java世界, 开发笔记 Java世界, jbpm, svn

感谢雕虫小技的文章 http://blog.csdn.net/jasonhwang/archive/2008/04/29/2344768.aspx

admin Java世界 security, ssl, tomcat

几天安装了新版svn，版本是1.4.4.结果导致使用Eclipse的Subclipse去获取SVN资源库内容时，Eclipse 就屡次崩溃。先还找不到原因。放狗搜了下。结果是环境变量APR_ICONV1_PATH惹的祸，修改这个变量名为APR_ICONV1_PATH1，哦也，重启Eclipse使用Subclipse已经没问题了。哈哈

参考：

http://subclipse.tigris.org/servlets/ReadMsg?listName=users&msgNo=10234

admin Java世界, 开发笔记 eclipse, subclipse, svn

1.安装好JDK和Tomcat, 测试可以正常运行Tomcat.

2.在/etc/init.d 目录下创建名为tomcat的文件(如该目录下已经有同名文件, 则改成其他名字), 该文件内容如下:

#!/bin/sh

# chkconfig: 345 88 14# description: Tomcat Daemon

#Change to your Jdk directoryJAVA_HOME=/opt/jdkexport JAVA_HOME

#Change to your Tomcat directoryCATALINA_HOME=/opt/tomcatexport CATALINA_HOME

# Determine and execute action based on command line parameter

case "$1" instart)echo "Starting Tomcat..."sleep 2$CATALINA_HOME/bin/startup.sh;;stop)echo "Shutting down Tomcat..."sleep 2$CATALINA_HOME/bin/shutdown.sh;;*)echo "Usage: $1 {start|stop}";;esacexit 0

其中以下两行必须要出现在文件中:

# chkconfig: 345 88 14                     ---表示该脚本应该在运行级 3, 4, 5 启动，启动优先权为88，停止优先权为 14。这3组值可以根据自己的情况调节

# description: Tomcat Daemon               ---?

3.在命令行输入以下命令修改文件tomcat的运行级别

chmod a+x /opt/init.d/tomcat

4.在命令行输入以下命令以测试服务可以正常启动

service tomcat start

servive tomcat stop

5.然后将tomcat加入到系统服务中,以便可以自动启动

cd /opt/init.dchkconfig --add tomcat

6.可以通过以下命令查看tomcat服务的详情. 具体的chkconfig命令详情请查看网上资料

chkconfig --list

admin Java世界 linux, tomcat

1. If you use maven2 as a tool in Cruisecontrol ’s build process you must use this command : svn update to update the workcopy of your project from svn repository in the Cruisecontrol’s project folder to get the entire svn information .If you don’t do that the cruisecontrol will never build as you want.
2. At firest time if you add the ‘target’ folder to svn repository then after  the maven2 build phase the .svn folder(svn info.) were deleted  and sometime you update or commit resources there could arise error like this:working copy admin area missing.You need to set a    svn:ignore  property to svn for it to ignore the miss entry .command like ’svn propset svn:ignore target https//somehost.com/someproject/trunk ‘

admin Java世界, Project Management

在Mysql数据库中，设置环境变量 lower_case_table_names=0;可以在大小写不敏感的系统上创建大小写敏感的数据库或表。从而避免的数据库跨平台导入导出时，大小写不一致的问题。

Table and database names are stored on disk using the lettercase specified in the CREATE TABLE or CREATE DATABASE statement. Name comparisons are case sensitive. Note that if you force this variable to 0 with –lower-case-table-names=0 on a case-insensitive filesystem and access MyISAM tablenames using different lettercases, index corruption may result.

http://dev.mysql.com/doc/refman/5.1/en/identifier-case-sensitivity.html

admin MySQL database, MySQL