Single Sign-on for login in spring MVC project

In many web products need to be implemented at the same time, only one account can be allowed to log in only one browser. Popular point is that when a account is in

Browser 1 login, at this time in Browser 2 login a account. Then the a account in browser 1 will be squeezed out, when the user operates the browser 1 page, the page will be

Skip to login page and need to sign in again. So how do we achieve such a function? The following will give you a detailed introduction:

Principle

User A uses account A to log in in the browser, and then User B logs on to account A in the browser on the other computer, and when User B login verification is successful, it will touch

Send login Listening class, in the listening class to determine that account A has been user a login, the user A's account a kicked out, when user a Operation page, the page will jump to

Login page.

Code implementation

In the implementation process, use the Loginlistenner listener class, login login method and configure the listener class in Web. xml

Loginlistenner

When the login is successful, put the login successful account object Loginuser in the session, trigger the Attributeadded event in Loginlistenner, in this event,

We determine if there is a session for the current login in the map that holds the account and session correspondence, and if so we remove the session from the map and note

Pin the session, and then put the newly logged in account and session into the map. Here's the code:

/** * * @ClassName: Loginlistenner * @Description: Login Monitoring class-only allow account at the same time, single location * @author mr_smile2014 [email protected] * @date November 12, 2014 PM 2:23:41 * */public class Loginlistenner implements Httpsessionattributelistener {/** * for storing accounts and Sessi On corresponds to map */private map<string, httpsession> map = new hashmap<string, httpsession> ();/** * When the data is triggered into the session */public void Attributeadded (Httpsessionbindingevent event) {String name = Event.getname (); Name.equals ("Loginuser")) {User user = (user) event.getvalue (); if (Map.get (User.getusername ()) = null) {HttpSession Session = Map.get (User.getusername ()); Session.removeattribute (User.getusername ()); Session.invalidate ();} Map.put (User.getusername (), event.getsession ());}} /** * When removing data from the session trigger */public void Attributeremoved (Httpsessionbindingevent event) {String name = Event.getname (); if (n Ame.equals ("Loginuser")) {User user = (user) event.getvalue (); Map.Remove (User.getusername ());}} public void attributereplaced (HttpsessionbindingevenT event) {}public map<string, httpsession> Getmap () {return Map;} public void Setmap (map<string, httpsession> map) {this.map = map;}}

Login method

The account, password, verification code to determine and verify, after the validation of the corresponding user object into the session, the code is as follows:

/** * Login * *  @param userName * @param passWord * @param code *            Verification Code * @param type *            login type (merchant, operator) * @param model * @return */@RequestMapping ("/login") Public String login (string account, String PassWord, String Code,model Model, Httpse Rvletrequest request) {//login authentication and return login successful user Object User=loginresult (userphone, PassWord, Code, request)//Put the user object into session , the Attributeadded event request.getsession () in Loginlistenner will be triggered. SetAttribute ("Loginuser", user);

Web. XML configuration

The Loginlistenner listener class is configured in the Web. xml file so that the listener for the session takes effect. The configuration is as follows:

<!--a user can log on to only one host--><listener><listener-class>com.test.listenner.loginlistenner</ Listener-class></listener>

Single Sign-on for login in spring MVC project