A solution for Java Web to prevent users from repeatedly logging on (simultaneous login by the same user) __java

1. Thinking

In Java Web projects, there are times when you need to prevent users from repeatedly logging on, and there are many solutions. Spring Security, for example, prevents users from repeatedly logging in.
Here's a simple solution: in the Login method for processing logins, query the database to verify that the user exists, if there is a way to determine if the login account is locked, and then remove all login information from the application built-in scope object. To see if the username account has been logged in, if the login, on a friendly note, the contrary means that you can log in, the login information as a key value to the way to save in the application.
When the user logs off, the relevant data in the application is deleted. 2. Sample Code 2.1 Processing Login Methods

    @RequestMapping ("/checklogin.do") public String Checklogin (HttpSession session, string Username, string password)

        {System.out.println ("checklogin.do");
        UserBean User=userservice.login (Username,password); if (user!=null) {//Login succeeds//session.getservletcontext () Application Object ServletContext Application=se
            Ssion.getservletcontext ();
            map<string, string> Loginmap = (map<string, string>) application.getattribute ("LoginMap");
            if (loginmap==null) {loginmap = new hashmap<> ();
                    For (String Key:loginMap.keySet ()) {if (User.getusername (). Equals (key)) { if (Session.getid (). Equals (Loginmap.get (key)) {System.out.println (username+) Log on multiple times in the same location.
                    "); }else{System.out.println (username+) remote login was denied.
                        "); Session.setattribute ("Tip", "This user has logged in offsite.)
       ");                 return "forward:/index.jsp";
            }} loginmap.put (User.getusername (), Session.getid ());
            Application.setattribute ("Loginmap", Loginmap);
            Session.setattribute ("username", user.getusername ()); SYSTEM.OUT.PRINTLN ("Login succeeded.")
            ");
        return "Redirect:/index"; }else{//Login failed System.out.println (Login failed.)
            "); Session.setattribute ("Tip", "Login failed.")
            ");
        return "forward:/index.jsp"; }
    }

2.2 Destroy session

Package cn.hadron.servlet;

Import javax.servlet.http.HttpSessionEvent;
Import Javax.servlet.http.HttpSessionListener;
Import Java.util.Map;

/**
 * Created by Root on 17-9-28.
 *
/public class Sessionlistener implements Httpsessionlistener {

    @Override public
    void sessioncreated ( Httpsessionevent event) {

    }

    @Override public
    void sessiondestroyed (Httpsessionevent event) {
        // When the session is destroyed, the key value saved in the Loginmap is cleared of
        String username = event.getsession (). getattribute ("username"). toString ();
        if (username!=null) {
            map<string, string> loginmap = (map<string, string>) event.getsession (). Getservletcontext (). getattribute ("Loginmap");
            Loginmap.remove (username);
            Event.getsession (). Getservletcontext (). setattribute ("Loginmap", loginmap);
            SYSTEM.OUT.PRINTLN (username+) user logoff. ");
        }
    }

}

2.3 Web.xml

  <listener>
    <listener-class>cn.hadron.servlet.SessionListener</listener-class>
  </ Listener>

2.4 Login Page

${tip}
<form action= "/user/checklogin.do" method= "POST" >
    account Number: <input type= "text" name= "username" ><br>
    Password: <input type= "password" name= "password" ><br>
    <input type= "Submit" value= " Login ">
</form>

3 Test 3.1 Local Login

Note: You can log on multiple times locally. 3.2 Offsite Login

Find another machine to test