[Java]Fobid multiple login

程序员文章站 2022-07-12 16:13:00

...

if (isLogin) {
   //Forbid Multiple Login
   //User login success, refresh session map, if multiple login, make the exists session invalid 
   String sessionIdFromMap = SessionListener.userMap.get(portalLoginName);
   String sessionIdFromReq = request.getSession().getId();
   logger.debug("-------Session ID from user map: {}---------", sessionIdFromMap);
   logger.debug("-------Session ID from request: {}---------", sessionIdFromReq);

            if(sessionIdFromMap != null&&!sessionIdFromMap.equals("")){
              if(sessionIdFromMap.equals(sessionIdFromReq)){
                     logger.debug("======session map equals request session id=====");
          SessionListener.sessionMap.get(sessionIdFromMap).invalidate();
          SessionListener.userMap.put(portalLoginName, sessionIdFromReq);
          SessionListener.sessionMap.put(sessionIdFromReq, request.getSession());
          
         }else{
          if (SessionListener.userMap.containsKey(portalLoginName)) {
           logger.debug("=========the same user multiple login=========");
           SessionListener.sessionMap.get(sessionIdFromMap).invalidate();
              SessionListener.userMap.put(portalLoginName, sessionIdFromReq);
              SessionListener.sessionMap.put(sessionIdFromReq, request.getSession());
          }
         }
            logger.debug("=====new session to put into map====");
            SessionListener.userMap.put(portalLoginName,request.getSession().getId());
            SessionListener.sessionMap.put(request.getSession().getId(),request.getSession());
....
}

listener:

public class SessionListener implements HttpSessionListener {

	private static final Logger logger = LoggerFactory.getLogger(SessionListener.class);
	
	public static Map<String, String> userMap = new HashMap<>();
	public static Map<String, HttpSession> sessionMap = new HashMap<>();

	@Override
	public void sessionCreated(HttpSessionEvent se) {
		// TODO Auto-generated method stub

	}

	@Override
	public void sessionDestroyed(HttpSessionEvent se) {
		HttpSession session = se.getSession();
		String sessionId = session.getId();
		logger.debug("-------------session[{}] destroy---------", sessionId);
		sessionMap.remove(sessionId);
		for (String key : userMap.keySet()) {
			if (userMap.get(key).equals(sessionId)) {
				userMap.remove(key);
			}
		}
	}

}

web.xml:

<listener>
  	<listener-class>com.hkt.umg.unified.portal.web.SessionListener</listener-class>
  </listener>

思路:

1.如果第一次登陆,记录登陆的session id

2.如果第二次登陆的session id和第一次相同,而且登录名也一样,则清除掉第一次的session;若session id不同则记录第二次的session id

参考:

https://blog.csdn.net/football98/article/details/52777575

[Java]Fobid multiple login

[Java]Fobid multiple login

java.lang.IllegalArgumentException: String length must be a multiple of four.

java对称加密报错:Input length must be multiple of 8 when decrypting with padded cipher

java AES 加密,报javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decryp

Ways to sort lists of objects in Java based on multiple fields

JAVA实现AES 解密报错Input length must be multiple of 16 when decrypting with padded cipher