在登录方法中加入如下两行语句,作为程序的入口:
SessionListener.isAlreadyEnter(getHttpRequest().getSession(),this.getUserCode(),loginUser)
getHttpRequest().getSession().setAttribute("isLoginIn", "LoginIn");
在SessionListener类中做相关的踢出处理:
- import java.util.HashMap;
-
import java.util.Iterator;
-
import java.util.Map;
-
import javax.servlet.ServletRequestEvent;
-
import javax.servlet.ServletRequestListener;
-
import javax.servlet.http.HttpServletRequest;
-
import javax.servlet.http.HttpSession;
-
import javax.servlet.http.HttpSessionAttributeListener;
-
import javax.servlet.http.HttpSessionBindingEvent;
-
import javax.servlet.http.HttpSessionEvent;
-
import javax.servlet.http.HttpSessionListener;
-
import org.apache.struts2.ServletActionContext;
-
import com.hhwy.iepip.framework.message.Message;
-
import com.opensymphony.xwork2.ActionContext;
-
public class SessionListener implements HttpSessionListener,ServletRequestListener,HttpSessionAttributeListener{
-
public static Map<String, HttpSession> sessionMap = new HashMap<String, HttpSession>();
-
public static Map<String, HttpSession> sessionMap1 = new HashMap<String, HttpSession>();
-
private static Boolean onlyOne = Boolean.valueOf(Message.getMessage("session.onlyone"));
-
private HttpServletRequest request ;
-
/**获取request对象*/
-
public void requestInitialized(ServletRequestEvent event) {
-
request = (HttpServletRequest)event.getServletRequest();
-
}
-
/**以下是实现HttpSessionListener中的方法:该方法登录与否都会执行**/
-
public void sessionCreated(HttpSessionEvent se){
-
}
-
/**以下是实现HttpSessionListener中的方法**/
-
public void sessionDestroyed(HttpSessionEvent se){
-
hUserName.remove(se.getSession().getId());
-
UserObject.remove(se.getSession().getId());
-
if(sessionMap!=null){
-
sessionMap.remove(se.getSession().getId());
-
}
-
if(sessionMap1!=null){
-
sessionMap1.remove(se.getSession().getId());
-
}
-
}
-
/**
-
* isAlreadyEnter-用于判断用户是否已经登录以及相应的处理方法
-
* <该方法是系统业务的方法,不是处理单个用户登录的问题,以该方法做为程序的入口>
-
*/
-
public static boolean isAlreadyEnter(HttpSession session,String sUserName,LoginUserInfo loginTriggers){
-
boolean flag = false;
-
return flag;
-
}
-
/**
-
* 此方法,可以在登录时候添加一个session 用以判断是否已经登录,然后再进行登录人登录控制
-
*/
-
public void attributeAdded(HttpSessionBindingEvent event) {
-
//如果只允许一个账号一处登陆,单台客户端电脑只允许一个用户登录
-
if(onlyOne.booleanValue()){
-
String name = event.getName();
-
if(name.equals("isLoginIn")){
-
// 单台客户端电脑只允许一个用户登录
-
String ipAddr = this.getIpAddr(request);
-
//如果原先已登录,则踢出原先登陆的
-
if(sessionMap1.containsKey(ipAddr) ){
-
try{
-
sessionMap1.get(ipAddr).invalidate();
-
}catch(Exception e){}
-
sessionMap1.remove(ipAddr);
-
}
-
if(ipAddr != null && event.getSession().isNew())
-
sessionMap1.put(ipAddr, event.getSession());
-
//只允许一个账号一个客户端登陆
-
String userName= getUserName(event);
-
if(sessionMap.containsKey(userName) ){
-
try{
-
sessionMap.get(userName).invalidate();
-
}catch(Exception e){}
-
sessionMap.remove(userName);
-
}
-
if(userName != null && event.getSession().isNew())
-
sessionMap.put(userName, event.getSession());
-
}
-
}
-
}
-
public static String getIpAddr(HttpServletRequest request) {
-
String ip = request.getHeader("x-forwarded-for");
-
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-
ip = request.getHeader("Proxy-Client-IP");
-
}
-
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-
ip = request.getHeader("WL-Proxy-Client-IP");
-
}
-
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
-
ip = request.getRemoteAddr();
-
}
-
return ip;
-
}
-
/*获取session中存储的用户名*/
-
private String getUserName(HttpSessionBindingEvent se) {
-
String userName = null;
-
return userName;
-
}
-
public void attributeRemoved(HttpSessionBindingEvent event) {
-
// TODO Auto-generated method stub
-
}
-
public void attributeReplaced(HttpSessionBindingEvent arg0) {
-
// TODO Auto-generated method stub
-
}
-
public void requestDestroyed(ServletRequestEvent arg0) {
-
// TODO Auto-generated method stub
-
}