Use the application scope implementation: When the user repeatedly log in, squeeze out the original user

Use the application scope implementation: When the user repeatedly login, squeeze out the original user one, Realization thought 1.application (servletcontext) is stored in the server-side scope, we save two forms of key-value pairs in application: 1:<userid, sessionid>,2:< SessionId, session>2. Whenever a user logs in (a new session is generated), the sessionId is first queried in application based on the UserID:

　　If there is no query to SessionId, indicating that no user has logged in to this account, then <userid, sessionid> and <sessionid, session> two data saved to application

If the query to SessionID indicates that a user has logged in, the following 3 steps will be performed:

1) First get the session that has been logged in, make it invalid 2) and then delete the original session from application, save the new session to application (<sessionid, session>) 3) finally delete the original sessionId from the application, save the new sessionId to Application (<userid, sessionid>) Two, the implementation of the login function handler encoding

@RequestMapping ("/login")     PublicString Login (httpservletrequest request, httpservletresponse response, map<string, object> Map)throwsexception{String userName= Request.getparameter ("UserName"); String Password= Request.getparameter ("Password"); HttpSession Session=request.getsession (); ServletContext Application= Session.getservletcontext ();//Get ApplicationUser User=NewUser (userName, password); User CurrentUser=userservice.login (user); if(CurrentUser = =NULL) {Request.setattribute ("Error", "Wrong user name or password"); return"Login"; } String userId= String.valueof (Currentuser.getid ());//get useridMap.put ("CurrentUser", CurrentUser);//save user to session, note to use @sessionattributes comment        if(Application.getattribute ("userId") = =NULL){//Description No user is logged inApplication.setattribute (UserId, Session.getid ());//save SessionID to ApplicationApplication.setattribute (Session.getid (), session);//Save session to Application}Else{//indicates that a user has logged inString sessionId = (string) application.getattribute (userId);//get the SessionID of the previous user based on UserIDHttpSession oldsession = (HttpSession) application.getattribute (sessionId);//gets the session of the previous user according to SessionIDOldsession.invalidate ();//invalidate the OldsessionApplication.removeattribute (Oldsession.getid ());//Remove the oldsession from the applicationApplication.setattribute (Session.getid (), session);//Save the new session to applicationApplication.removeattribute (USERID);//Remove the ID of the oldsession from the applicationApplication.setattribute (UserId, Session.getid ());//Save the ID of the new session to application        }        return"Main"; }

Iii. Summary 1. Please note why you should deliberately use <userid, sessionid> will sessionId save them?

　　Because, when the second user login, we want to make the first user's session invalid, we have to get the first user's sessionId, so we need to sessionId through <userid, sessionid> form of preservation, To find the first user's SessionID through the UserID to find the first user's session and invalidate it

Using application scopes: When users repeatedly log on, squeeze out the original user