自己写的一点简单的代码,仅供学习交流,废话不多说直接上代码,
1.实现一个HttpSessionListener 用来监听session
public class LoginListener implements HttpSessionListener {
private Logger logger = LoggerFactory.getLogger(LoginListener.class);
public static HashMap
public static HashMap
// 使session失效,并移除map
public void destroyed(String username, HttpServletRequest request) {
HttpSession session = request.getSession();
String sessionid = userMap.get(username);
if(sessionMap.containsKey(sessionid)){
synchronized (this) {
sessionMap.get(sessionid).invalidate();
sessionMap.remove(sessionid);
userMap.remove(username);
}
}else{
userMap.remove(username);
}
}
// 将session信息存入map
public void created(Object o,String username, HttpServletRequest request) {
HttpSession session = request.getSession();
//logger.info("创建的sessionID:"+session.getId());
userMap.put(username, session.getId());
sessionMap.put(session.getId(), session);
session.setMaxInactiveInterval(60*120);
Map
}
@Override
public void sessionCreated(HttpSessionEvent arg0) {
}
@Override
public void sessionDestroyed(HttpSessionEvent arg0) {
HttpSession session = arg0.getSession();
String sessionid = session.getId();
logger.info("session shixiaol"+session.getId());
sessionMap.remove(sessionid);
}
}
2.在实现一个过滤器,过滤session,实现无session强制退出。
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpreq = (HttpServletRequest) request;
HttpServletResponse httpres = (HttpServletResponse) response;
String redirectPath = httpreq.getContextPath()
+ config.getInitParameter("redirectPath");
String uri = httpreq.getRequestURI();
// logger.info(" uri is "+uri);
//不拦截login,验证码
if(uri.endsWith("login.do")|| uri.endsWith("image.do") || uri.endsWith("per.do") ){
chain.doFilter(request, response);
return;
}
Object user= httpreq.getSession().getAttribute("user");
if(user==null){
logger.info("未登录");
request.setAttribute("msg", "登陆用户已超时,请重新登陆!");
httpreq.getRequestDispatcher("/login.jsp").forward(httpreq, response);
} else {
chain.doFilter(request, response);
}
}
3.Spring mvc 实现以一个Contorller LoginController来做控制层
public ModelAndView login(HttpServletRequest request){
ApiResponse api = new ApiResponse();
ModelAndView modelAndView = new ModelAndView();
try {
HttpSession session = request.getSession();
String message;
String username =request.getParameter("username");
String password =request.getParameter("password");
Map map = new HashMap();
map.put("userId", username);
map.put("passwd", Md5Util.MD5(password));
Object o = permissionService.getBaseDao().getOneEntity("sys_user.exits", map);
Map
if(o!=null){
String sessionid = LoginListener.userMap.get(username);
logger.info("sessionid:"+sessionid);
LoginListener userSession = new LoginListener();
if(sessionid != null&&!sessionid.equals("")){
//注销在线用户,如果session id 相同,不销毁.
if(!sessionid.equals(session.getId())){
if(session.isNew()){
userSession.created(o,username, request);
}else{
userSession.destroyed(username, request);
userSession.created(o, username, request);
}
}
}else{
userSession.created(o,username, request);
}
user =(Map
/*request.getSession().setAttribute("user", user);
request.getSession().setAttribute("userName", (String)user.get("userName"));*/
}else{
message ="用户名或密码错误";
modelAndView.setViewName("/login");
modelAndView.addObject("msg", message);
return modelAndView;
}
}catch (Exception e) {
api.setApi_code(1);
e.printStackTrace();
}
return modelAndView;
}
4.实现一个login.jsp from 表单提交完成用户登录功能.
未经博主允许,请勿转载https://blog.csdn.net/qq_35238963/article/details/80283631