This article mainly introduces the use of session monitoring in Java with the account login limit, the number of login restrictions, the specific code is as follows:
Problem domain:
1, with the account login: If this account has been logged in, can not log in again (contrary to the QQ mode).
2, the number of login limit, over, reached the limit of the number of people prompted: The system is busy, try again later.
Solution: Use Httpsessionattributelistener monitor (although I also use httpsessionlistener but feel bad operation)
Knowledge Reserve: There are Attributeadd, Attributeremove and AttributeReplace3 methods in Httpsessionattributelistener.
The setattribute, RemoveAttribute of the session will trigger the Attributeadd, Attributeremove method, Repeating settings for the same attribute of the same session triggers the Attributereplace method.
Httpsessionlistener bad operation reason: As long as access to the JSP page will create a session (access to HTML does not create a session, on the server side, This is created as a call to Httpservletrequest.getsession (true) in the servlet, which is a dynamic page and is essentially a servlet. My login.jsp is obviously a JSP, when I invalidate a session in the listener, return to the login page, and immediately created a session. This is a place where I don't feel clear, Kung fu is not home.
Specific implementation:
Listener Code
public class Onlinelistener implements Httpsessionlistener, Httpsessionattributelistener {private static List<s
Essionanduser> sessions;
static int dels =-1;
Static Boolean flag = FALSE; static {if (sessions = = null) {sessions = collections. Synchronizedlist (New Arraylist<sessionandu
Ser> ());
} public void sessioncreated (Httpsessionevent HSE) {System.out.println (hse.getsession () + "-" + New Date ());
System.out.println (hse.getsession () + "-" + New Date ()); public void sessiondestroyed (Httpsessionevent HSE) {System.out.println ("-------------sessiondestroyed ()----------
-");
System.out.println (hse.getsession () + "" + New Date (Hse.getsession (). Getlastaccessedtime ()));
System.out.println (hse.getsession () + "" + New Date ()); The public void attributeadded (Httpsessionbindingevent e) {System.out.println ("-------------*start added*------------
-----------"+ sessions.size ()); HttpsessIon session = E.getsession ();
Actioncontext CTX = Actioncontext.getcontext ();
Boolean newone = true;
String attrname = E.getname (); Login if (attrname.equals (constant.user_name)) {//check number of logins if (Sessions.size () >= constant.user_limit)
{Newone = false;
Ctx.put ("Timeoutmsg", "serverbusy");
String nowuser = (string) e.getvalue (); Iterate through all sessions, check whether you are logged in, if prompted to sign in for (int i = Sessions.size ()-1; I >= 0; i--) {Sessionanduser tem = s
Essions.get (i);
if (Tem.getusername (). Equals (Nowuser)) {Newone = false;
Ctx.put ("Timeoutmsg", "beenloged");//Tem.getsession (). Invalidate ()//////With account replacement login, automatic call remove
Break
}///New login account added into account Maintenance list if (Newone) {sessionanduser sau = new Sessionanduser ();
Sau.setusername (Nowuser);
Sau.setsession (session);
Sau.setsid (Session.getid ()); Sessions.add (SAU); }} public void attributeremoved (Httpsessionbindingevent e) throws IllegalStateException {HttpSession
Session = E.getsession ();
System.out. println ("-------------*start removed*-----------------------" + sessions.size ());
if (Dels >-1) {if (flag) {sessions.remove (dels);
Flag = false;
} else {//login String attrname = E.getname ();
if (Attrname.equals (Constant.user_name)) {String Nowuser = (string) e.getvalue ();
Iterate through all sessions for (int i = Sessions.size ()-1; I >= 0; i--) {Sessionanduser tem = sessions.get (i);
if (Tem.getusername (). Equals (Nowuser)) {sessions.remove (i);
Break }}}} public void attributereplaced (Httpsessionbindingevent e) {HttpSession session = E.get
Session (); System.out. println ("-------------*start replace*-----------------------"+ sessions.size ()");
String attrname = E.getname ();
dels =-1; Login if (attrname.equals (constant.user_name)) {//user Nowuser = (user) e.getvalue ();//old value String Nowuser = (String) session.getattribute (constant.user_name);//USER in current session//Traverse all sessions for (int i = ses Sions.size ()-1; I >= 0;
i--) {Sessionanduser tem = sessions.get (i); if (Tem.getusername (). Equals (Nowuser) &&!tem.getsid (). Equals (Session.getid ()) {System.out
. println ("Remove:invalidate 1!");
dels = i;
Flag = true;
else if (Tem.getsid (). Equals (Session.getid ())) {tem.setusername (nowuser); The Remove method is automatically invoked if (dels!=-1) {Sessions.get (dels). GetSession (). Invalidate ().
You will remove it from the sessions}}}
The main idea of the code is to define a static List<sessionanduser> store session and account name.
Login action to get the listener return value and process the code
Session.setattribute (Constant.user_name, Operator.getusername ());
Actioncontext CTX = Actioncontext.getcontext ();
if ("Serverbusy". Equals (Ctx.get ("timeoutmsg")) {
ctx.put ("timeoutmsg", "server busy, please try again later");
return "Jump";
}
if ("Beenloged". Equals (Ctx.get ("timeoutmsg"))) {
ctx.put ("timeoutmsg", "Log in Elsewhere");
return "Jump";
}
Page capture hint Information code
<% @taglib prefix= "s" uri= "/struts-tags"%> <s:property value=
"#attr. Timeoutmsg"/>
Thank you for reading, I hope to help you, thank you for your support for this site!