限制用户重复登录
首先声明一个全局的ServletContext,在servlet的init()方法中实例话,确保所有的用户公用一个变量,然后登录成功的用户添加到ServletContext里面,key是用户名,value是用户会话的session;当同一用户再次登录时,后登录的用户优先级大于前登录的,所以再ServletContext里面后登录的取代前登录的,这一点有点象QQ和MSN的做法。
用过滤器过于所有应用,当发现ServletContext里面本用户对应的session跟用户会话的session不一致时,强制将用户退出。
登录代码
import java.io.IOException; import java.util.List;
import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession;
import com.control.test; import com.dao.TestDAO; import com.pojo.Test;
public class TestServlet extends HttpServlet{
ServletContext sc=null; protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { TestDAO t=new TestDAO(); Test t1=new Test(); String msg=""; String name=request.getParameter("userName"); String pass=request.getParameter("userPass"); if(name.equals("admin")){ t1.setId(1); t1.setName(name); t1.setPass(pass); }else if(name.equals("1")){ t1.setId(2); t1.setName(name); t1.setPass(pass); }else{ msg=""; } List list=t.findByExample(t1); if(list!=null&&list.size()>0){ msg=""; System.out.println("t1.getName==="+t1.getName()); sc.setAttribute(t1.getName(), request.getSession());//放入当前最新session }else{ msg=""; } request.getSession().setAttribute("name", t1.getName()); request.setAttribute("names", request.getSession()); request.setAttribute("list", list); request.setAttribute("msg", msg); request.getSession().setAttribute("sc",sc);//sc放入session中,便于过滤器过滤重复登录的用户 request.getRequestDispatcher("test1.jsp").forward(request, response); }
@Override public void init() throws ServletException { sc=this.getServletContext();//初始化全局变量 super.init(); }
}
过滤器代码:
import java.io.IOException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map;
import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession;
import com.pojo.Test;
public class WebSessionFilter implements Filter{ private String Longin = "/test/test.jsp"; private FilterConfig filterConfig; private Map list=null; public void destroy() { }
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; HttpSession session=null; session = request.getSession(true); HttpSession s=null; String fxusers = (String) session.getAttribute("name"); System.out.println("fxusers========"+fxusers); ServletContext sc=(ServletContext)session.getAttribute("sc"); if(fxusers!=null){ if (sc.getAttribute(fxusers)!= null) { // 第二次登陆后第一次无效 s=(HttpSession)sc.getAttribute(fxusers); // System.out.println(session); } } System.out.println("s====="+s); System.out.println("session====="+session); System.out.println("--------------------------------"); //session.getAttribute((String) session.getAttribute("name")); if(session!=null&&s!=null&&!s.equals(session)){ //session.invalidate(); response.reset(); response.setContentType("text/html; charset=gbk"); response.getWriter().print(""); //response.sendRedirect(login); // System.out.println("Ready is listenering.......!"); // response.sendRedirect("/Longin.jsp"); return ; } chain.doFilter(request, response); }
public void init(FilterConfig config) throws ServletException { list=new HashMap(); this.filterConfig = config; String page = filterConfig.getInitParameter("Longin"); if (page != null && !page.equals("")) { Longin = page; } }
} web.xml配置