单点登录 利用HttpModuler实现WEB程序同一时间只让一个用户实例登陆
我在们使用ASP.Net开发WEB网站时,有的时候是不让同一个用户名在同一时间进行多次登陆的。
为了不影响原来的整个网站,我选择使用了HttpModuler来实现。
先让所有的Page从自己的Page类:BasePage类继承,并实现 ISigleLogin接口。相关代码如下:
public interface ISingleLogin
{
string SigleUserLoginId { get; }
void SigleUserLogout();
}
public class BasePage : System.Web.UI.Page , BNet.Web.Modulers.ISingleLogin
{
public BasePage()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
if (Session["UserId"] == null)
{
Response.Write("你还没有登陆");
Response.Redirect("login.aspx");
}
}
ISingleLogin 成员#region ISingleLogin 成员
public string SigleUserLoginId
{
get
{
if (Session["UserId"] != null)
{
return Session["UserId"].ToString();
}
else
return "";
}
}
public void SigleUserLogout()
{
Session.Abandon();
Response.Write("你在别处已经登陆,强制退出本次登陆!");
}
#endregion
}
然后在Web.config中加入HttpModuler:
<system.web>
<httpModules>
<add name="SingleLogin" type="BNet.Web.Modulers.SingleLoginModuler"/>
</httpModules>
</system.web>
相关的SigleLoginModuler代码如下:
using System;
using System.Collections.Generic;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.UI;
namespace BNet.Web.Modulers
{
/**//// <summary>
/// SingleLoginModuler 的摘要说明
/// </summary>
public class SingleLoginModuler : System.Web.IHttpModule
{
const string sigle_login_userid = "evlon_siglelogin_userid";
const string sigle_pre_logout_sessionid = "evlon_sigle_pre_logout_sessionid";
static StringLifeValueDictionary loginedUserIdDictionary = null;
static StringLifeValueDictionary LoginedUserIdDictionary
{
get
{
if (loginedUserIdDictionary == null)
{
loginedUserIdDictionary = new StringLifeValueDictionary();
}
else
{
List<string> listRemove = new List<string>();
StringLifeValueDictionary.Enumerator iter = loginedUserIdDictionary.GetEnumerator();
while (iter.MoveNext())
{
if (iter.Current.Value.life < DateTime.Now)
{
listRemove.Add(iter.Current.Key);
}
}
foreach (string key in listRemove)
{
loginedUserIdDictionary.Remove(key);
}
}
return loginedUserIdDictionary;
}
}
static StringLifeValueDictionary preLogoutSessionIdDictionary = null;
static StringLifeValueDictionary PreLogoutSessionIdDictionary
{
get
{
if (preLogoutSessionIdDictionary == null)
{
preLogoutSessionIdDictionary = new StringLifeValueDictionary();
}
else
{
List<string> listRemove = new List<string>();
StringLifeValueDictionary.Enumerator iter = preLogoutSessionIdDictionary.GetEnumerator();
while (iter.MoveNext())
{
if (iter.Current.Value.life < DateTime.Now)
{
listRemove.Add(iter.Current.Key);
}
}
foreach (string key in listRemove)
{
preLogoutSessionIdDictionary.Remove(key);
}
}
return preLogoutSessionIdDictionary;
}
}
public SingleLoginModuler()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
IHttpModule 成员#region IHttpModule 成员
public void Dispose()
{
}
public void Init(HttpApplication context)
{
context.PreRequestHandlerExecute += new EventHandler(context_PreRequestHandlerExecute);
context.PostRequestHandlerExecute += new EventHandler(context_PostRequestHandlerExecute);
}
void context_PreRequestHandlerExecute(object sender, EventArgs e)
{
HttpApplication context = sender as HttpApplication;
IHttpHandler httpHandler = context.Context.CurrentHandler;
if (httpHandler is ISingleLogin)
{
ISingleLogin sl = httpHandler as ISingleLogin;
string suid = sl.SigleUserLoginId;
if (suid != string.Empty)
{
if (PreLogoutSessionIdDictionary.ContainsKey(context.Session.SessionID))
{
//这个用户应该强制登出
PreLogoutSessionIdDictionary.Remove(context.Session.SessionID);
Page page = (Page)httpHandler;
page.PreInit += new EventHandler(page_PreInit);
}
else if (!LoginedUserIdDictionary.ContainsKey(suid))
{
LoginedUserIdDictionary.Add(suid, new LifeValue(context.Session.SessionID));
}
}
}
}
void page_PreInit(object sender, EventArgs e)
{
Page page = sender as Page;
ISingleLogin sl = page as ISingleLogin;
if (sl != null)
{
sl.SigleUserLogout();
page.Response.End();
}
}
void context_PostRequestHandlerExecute(object sender, EventArgs e)
{
//从LogineduserId 里找到和当前用户一样的用户ID的SessionId
HttpApplication context = sender as HttpApplication;
IHttpHandler httpHandler = context.Context.CurrentHandler;
if (httpHandler is ISingleLogin)
{
ISingleLogin sl = httpHandler as ISingleLogin;
string suid = sl.SigleUserLoginId;
if (suid != string.Empty)
{
if (LoginedUserIdDictionary.ContainsKey(suid))
{
string sessionId = LoginedUserIdDictionary[suid].value;
if (sessionId != context.Session.SessionID)
{
if (!PreLogoutSessionIdDictionary.ContainsKey(sessionId))
{
PreLogoutSessionIdDictionary.Add(sessionId,new LifeValue(suid));
}
LoginedUserIdDictionary.Remove(suid);
}
}
else
{
LoginedUserIdDictionary.Add(sl.SigleUserLoginId, new LifeValue( context.Session.SessionID));
}
}
}
}
#endregion
}
public class LifeValue
{
public string value;
public DateTime life;
public LifeValue(string value)
{
this.value = value;
this.life = DateTime.Now.AddMinutes(HttpContext.Current.Session.Timeout + 5);
}
}
public class StringLifeValueDictionary : Dictionary<string, LifeValue>
{
}
public interface ISingleLogin
{
string SigleUserLoginId { get; }
void SigleUserLogout();
}
}
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/zwei1121/archive/2006/05/17/742203.aspx