Javaweb to achieve the same account at the same time only one site landing (similar to the function of QQ login) _java

Javaweb realize the same account number at the same time only one site landing (similar to the function of QQ login), the following ideas are as follows:

What is the function of this feature?

Let's think about it. There's always a need for that anyway. What needs are not available these days. Oh. Sometimes it is not necessarily a requirement, it is likely to do so for security. For example, the exam system, online chat system, it is necessary to do this.

Second, the implementation process

A. Analysis of issues

In the system, we usually bind the login information to the session, it seems that from this is possible to find a solution. Plainly, that is, when the user login, to determine whether the user has logged in, if the login, the previous session to clear off the OK. Looks pretty simple, doesn't it? In fact, you think you will find the following questions: How to get before this user has not logged in, that is, how to access all the session information to log in?

B. Concrete implementation

As you know, in the Java EE API there seems to be no specific way to get all the session information directly. However, we can monitor all session creation and destruction processes through the configuration listener, as well as monitor the creation, deletion and replacement of properties in session.

In fact, we only have to do the following processing can:

When you save the user login information to the session, the corresponding session is the creation process of a property (attributeadded), you can record the current session to a ArrayList.

In fact, when you save to the list, you first have to traverse the list to see if the user's login information already exists. If it exists, it destroys the session information that exists in the list, removes it from the list and places the session information in the list if it does not exist.

When the session's login information is destroyed, remove the sesseion from the list directly.

There is the process of replacing a session property when a user logs on without exiting. You also have to do a process to determine whether the new user is already present in other sessions except the current session. exists and is deleted.

The specific code is as follows:

Package COM.WEIRHP;
Import java.util.ArrayList;
Import java.util.Collections;
Import java.util.List;
Import javax.servlet.http.HttpSession;
Import Javax.servlet.http.HttpSessionAttributeListener;
Import javax.servlet.http.HttpSessionBindingEvent;
Import javax.servlet.http.HttpSessionEvent;
Import Javax.servlet.http.HttpSessionListener; public class Recordsessionlistener implements Httpsessionattributelistener, Httpsessionlistener {private static List
<SessionAndUser> sessions;
public static String Loginflag = "Loginuser"; static {if (sessions = = null) {sessions = Collections.synchronizedlist (new arraylist<sessionanduser> ());} publi
c void attributeadded (Httpsessionbindingevent e) {HttpSession session = E.getsession ();
System.out.println ("-------------*start added*-----------------------");
String attrname = E.getname ();
Login if (attrname.equals (Loginflag)) {User Nowuser = (User) e.getvalue ();
User Suser = (user) Session.getattribute (loginflag); Iterate through all session for (int i = sessions.size ()-1; I >= 0; i--) {Sessionanduser tem = sessions.get (i); if (Tem.getuserid (). Equals (Nowuser.getname ())) {tem.getsession ().
Invalidate ();//automatically invoke remove break;
} sessionanduser sau = new Sessionanduser ();
Sau.setuserid (Nowuser.getname ());
Sau.setsession (session);
Sau.setsid (Session.getid ());
Sessions.add (SAU);
} public void attributeremoved (Httpsessionbindingevent e) {HttpSession session = E.getsession ();
System.out.println ("-------------*start removed*-----------------------");
String attrname = E.getname ();  Login if (attrname.equals (Loginflag)) {User Nowuser = (User) e.getvalue ();//Traverse all sessions for (int i = Sessions.size ()-1; I >= 0;
i--) {Sessionanduser tem = sessions.get (i); if (Tem.getuserid (). Equals (Nowuser.getname ())) {sessions.remove (i);
}}} public void attributereplaced (Httpsessionbindingevent e) {HttpSession session = E.getsession ();
System.out.println ("-------------*start replace*-----------------------"); String attrname = E.getnaMe ();
int dels=-1; Login if (attrname.equals (Loginflag)) {//user Nowuser = (user) e.getvalue ();//old value User nowuser = (user) Session.get  Attribute (Loginflag);//Current session user//Traverse all sessions for (int i = Sessions.size ()-1; I >= 0; i--) {Sessionanduser tem
= Sessions.get (i);
if (Tem.getuserid (). Equals (Nowuser.getname ()) &&!tem.getsid (). Equals (Session.getid ())) {
System.out.println ("Remove:invalidate 1!");
Dels=i;
}else if (Tem.getsid (). Equals (Session.getid ())) {Tem.setuserid (Nowuser.getname ());} if (dels!=-1) {sessions.get (dels). GetSession (). invalidate ();//The Remove method is automatically invoked when it fails. It will also remove it from sessions}} public void sessioncreated (Httpsessionevent e) {} public void sessiondestroyed (httpsessionevent e) {}}

The preparation in the Web.xml

<listener>
<display-name>recordSession</display-name>
<listener-class> Com.weirhp.recordsessionlistener</listener-class>
</listener>

Iii. Possible problems

The whole program may have a point not thought of. There may be some bugs, for specific projects need to be cautious, welcome everyone to make bricks, but also want to give some suggestions. I'm going to improve.

Some of the later thoughts

If two machines use the same account at the same time login system, is not two accounts can log in successfully. (There is also the session list is very large, in the period of traversal of the two machines using the same account at the same time login system may also be successful login). It's a tangle. How should we control it?

Solution: The test listener in the system is a single example, in its method plus synchronize keyword can ensure that the list of thread safety. ）

The above is a small set to introduce the javaweb to achieve the same account number of the same time only one site landing (similar to the function of QQ login), I hope to help you, if you have any questions please give me a message, small series will promptly reply to everyone. Here also thank you very much for the cloud Habitat Community website support!