At the same time, only one account can log on to the system.

I used springsecurity to implement this kind of requirement. I didn't consider how to implement it with pure configuration.

Today, my friend asked me not to use springsecurity for implementation. I thought it was feasible. Write it down first and try it at night...

1. Create a map in applicationcontext. The key is the account ID and the value is session.
2. when you log on, you can use the contains () method to determine whether the map contains the ID key. If so, delete the session from the map, put the new session. If not.

3. In the filter, retrieve the session from the map of the application and compare the session ID with your own session. If the values are the same, continue the operation. If the values are different, the user logs in and jumps out of the system and gives a prompt.

 

 

In the logon action:
// Judge repeated logins
Servletcontext application = servletactioncontext. getservletcontext ();
Hashmap <string, httpsession> sessionmap = (hashmap <string, httpsession>) application. getattribute ("sessionmap ");
If (null! = Sessionmap ){
Sessionmap. Remove (Enterprise. getuserid ());
Sessionmap. Put (Enterprise. getuserid (), session );
Application. setattribute ("sessionmap", sessionmap );
} Else {
Hashmap <string, httpsession> map = new hashmap <string, httpsession> ();
Map. Put (Enterprise. getuserid (), session );
Application. setattribute ("sessionmap", MAP );
}

 

Public class safetyfilter implements filter {
Servletcontext application;
Public void destroy (){

}

Public void dofilter (servletrequest, servletresponse,
Filterchain chain) throws ioexception, servletexception {
Httpservletrequest request = (httpservletrequest) servletrequest;
Httpservletresponse response = (httpservletresponse) servletresponse;
String servletpath = request. getservletpath (). Trim ();

System. Out. println (servletpath );

// Do not intercept the First Login, password change, and exit the system
If (! "/Transfer/getsignacode.shtml". Equals (servletpath)
&&! "/Safety/updatelogpwd.shtml". Equals (servletpath)
&&! "/System/tologin.shtml". Equals (servletpath)
&&! "/Qyqt/system/tologin.shtml". Equals (servletpath )){

// Determine Session Timeout
If (! Path. Equals ("system ")){
Enterprise en = (enterprise) request. getsession (). getattribute ("enterprise ");
If (en = NULL ){
Response. setcontenttype ("text/html; charset = UTF-8 ");
Printwriter out = response. getwriter ();
Out. Print ("<SCRIPT> parent. Window. Location = '/qyqt/system/tologin.shtml'; </SCRIPT> ");
Return;
}
}

// Judge repeated logins
Hashmap <string, httpsession> sessionmap = (hashmap <string, httpsession>) application. getattribute ("sessionmap ");
Enterprise user = (enterprise) request. getsession (). getattribute ("enterprise ");
If (null! = Sessionmap & null! = User ){
Httpsession thissession = request. getsession ();
Httpsession othersession = sessionmap. Get (user. getuserid ());
If (! Thissession. GETID (). Equals (othersession. GETID ())){
Response. setcontenttype ("text/html; charset = UTF-8 ");
Printwriter out = response. getwriter ();
Out. Print ("<SCRIPT> parent. Window. Location = '/qyqt/system/tologin.shtml'; </SCRIPT> ");
Return;
}
}
}

Chain. dofilter (request, response );
}

Public void Init (filterconfig arg0) throws servletexception {
Application = arg0.getservletcontext ();
}

}