限制同一个会话只允许一个账号登录，针对ie7、e8多标签同一会话问题

package com.anxiesoft.util;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.NumberUtils;

public class SessionFilter implements Filter {
 private Map<String,Long> sessions;
 private String loginedCode; 
 LogHelper log = new LogHelper(this.getClass());

 @Override
 public void destroy() {
  log.info("..........destroy..............");
  if (sessions != null) {
   sessions.clear();
   sessions = null;
  }
 }

 @Override
 public void doFilter(ServletRequest req, ServletResponse resp,
   FilterChain chain) throws IOException, ServletException {
  HttpServletRequest request = (HttpServletRequest) req;
  HttpSession session = request.getSession();
  String sessionId = session.getId();
  String url = request.getRequestURL().toString();
  String queryString = request.getQueryString();
  Map parameterMap = request.getParameterMap();
  log.info("来自Ip[" + request.getRemoteAddr() + "]的sessionId:" + sessionId);
  RequestDispatcher dispatcher = request.getRequestDispatcher("/admin/util/session.jsp");
  if (StringUtils.isNotEmpty(url)) {
   if (url.contains("/admin/login.do")) {
    if ("act=logout".equals(queryString)) {
     sessions.remove(sessionId);
     chain.doFilter(req, resp);
     return;
    }
    if (parameterMap.size() == 0) {
     chain.doFilter(req, resp);
     return;
    }
    if (parameterMap.size() == 4) {
     Long logintime = NumberUtils.toLong(request.getParameter("logintime"));
     if (!sessions.containsKey(sessionId)) {
      sessions.put(sessionId,logintime);
      loginedCode = (String) session.getAttribute(Constants.SESSION_VERIFYCODE);
      chain.doFilter(req, resp);
      return;
     } else {
      if (UsersSession.getInstance().getUserid(request) == null) {
       sessions.remove(sessionId);
       chain.doFilter(req, resp);
       return;
      }else{
       Long sessionLoginTime = sessions.get(sessionId);
       if(sessionLoginTime.intValue()==logintime.intValue()){
        chain.doFilter(req, resp);
        return;
       }else{
        session.setAttribute(Constants.SESSION_VERIFYCODE, loginedCode);
        dispatcher.forward(req, resp);
        return;
       }
      }
     }
    }
   } else {
    chain.doFilter(req, resp);
    return;
   }
  } else {
   log.error("web服务器崩溃。。。");
  }
 }

 @Override
 public void init(FilterConfig arg0) throws ServletException {
  log.info("..........init..............");
  sessions = new HashMap<String,Long>();
 }

}

表单提交时，需要提交用户名、密码、验证码、登录时间共4个参数。