Hi everyone, I am new to JSecurity, I am using it, I have a scenario to implement, I have some problems with it and I thought you could help :)
scenario : A website that uses JSecurity to manage user's access to different parts of the site. Different parts of the site are subject to different terms and conditions. Also, the download of different products are also subject different terms and conditions. These terms and conditions may change while the users are still logged in ( rememberMe or active connection). What we need is that once the terms and conditions for a particular product/part of the site is changing, some users must be kicked before doing any action and forced to re-login to accept the new terms and conditions. Having this scenario, we need to access a list of all logged in subjects, check their principals against our particular set of users and kick those who match. problem : I've got the JSecurity sources and tried to follow code paths, debug etc etc and went to the point where I have all the active sessions. Unfortunately I haven't found a way to reach the subject associated with that session and I can't get the subject's principals and check them against my separate list. questions : What is the way to reach the subject via a session, in my case ? Is there another way/s to get all the logged in subjects ? Do you think is a good idea to keep a list of authenticated subjects in my Realm implementation ? Does it affect clustering or anything else ( mainly distributed stuff ) ? still digging : If you will point me to some listeners, none of the listeners (AuthenticatingListener or SessionListener) does not know about the subject but only auth token, auth info, and session so I cannot really handle my problem (storing the subject somewhere at login time or session initiation time) only by using listeners and without extending some JSecurity classes like SecurityManager impls which is not necessary a big effort but it looks like it (not very nice to maintain) for such a basic thing. Kind Regards, Thanks in advance Razvan
