1. Thinking
In Java Web projects, there are times when you need to prevent users from repeatedly logging on, and there are many solutions. Spring Security, for example, prevents users from repeatedly logging in.
Here's a simple solution: in the Login method for processing logins, query the database to verify that the user exists, if there is a way to determine if the login account is locked, and then remove all login information from the application built-in scope object. To see if the username account has been logged in, if the login, on a friendly note, the contrary means that you can log in, the login information as a key value to the way to save in the application.
When the user logs off, the relevant data in the application is deleted. 2. Sample Code 2.1 Processing Login Methods
@RequestMapping ("/checklogin.do") public String Checklogin (HttpSession session, string Username, string password)
{System.out.println ("checklogin.do");
UserBean User=userservice.login (Username,password); if (user!=null) {//Login succeeds//session.getservletcontext () Application Object ServletContext Application=se
Ssion.getservletcontext ();
map<string, string> Loginmap = (map<string, string>) application.getattribute ("LoginMap");
if (loginmap==null) {loginmap = new hashmap<> ();
For (String Key:loginMap.keySet ()) {if (User.getusername (). Equals (key)) { if (Session.getid (). Equals (Loginmap.get (key)) {System.out.println (username+) Log on multiple times in the same location.
"); }else{System.out.println (username+) remote login was denied.
"); Session.setattribute ("Tip", "This user has logged in offsite.)
"); return "forward:/index.jsp";
}} loginmap.put (User.getusername (), Session.getid ());
Application.setattribute ("Loginmap", Loginmap);
Session.setattribute ("username", user.getusername ()); SYSTEM.OUT.PRINTLN ("Login succeeded.")
");
return "Redirect:/index"; }else{//Login failed System.out.println (Login failed.)
"); Session.setattribute ("Tip", "Login failed.")
");
return "forward:/index.jsp"; }
}
2.2 Destroy session
Package cn.hadron.servlet;
Import javax.servlet.http.HttpSessionEvent;
Import Javax.servlet.http.HttpSessionListener;
Import Java.util.Map;
/**
* Created by Root on 17-9-28.
*
/public class Sessionlistener implements Httpsessionlistener {
@Override public
void sessioncreated ( Httpsessionevent event) {
}
@Override public
void sessiondestroyed (Httpsessionevent event) {
// When the session is destroyed, the key value saved in the Loginmap is cleared of
String username = event.getsession (). getattribute ("username"). toString ();
if (username!=null) {
map<string, string> loginmap = (map<string, string>) event.getsession (). Getservletcontext (). getattribute ("Loginmap");
Loginmap.remove (username);
Event.getsession (). Getservletcontext (). setattribute ("Loginmap", loginmap);
SYSTEM.OUT.PRINTLN (username+) user logoff. ");
}
}
}
2.3 Web.xml
<listener>
<listener-class>cn.hadron.servlet.SessionListener</listener-class>
</ Listener>
2.4 Login Page
${tip}
<form action= "/user/checklogin.do" method= "POST" >
account Number: <input type= "text" name= "username" ><br>
Password: <input type= "password" name= "password" ><br>
<input type= "Submit" value= " Login ">
</form>
3 Test
3.1 Local Login
Note: You can log on multiple times locally. 3.2 Offsite Login
Find another machine to test