使用session實現防止重複登陸

目前我用的是Struts2的攔截器

1:利用攔截器，配置攔截器  在Struts2中配置

<interceptors>
		<interceptor name="loginInterceptor" class="com.bdqn.util.LoginInterceptor"></interceptor>
		<interceptor-stack name="myStack">
			<interceptor-ref name="loginInterceptor"></interceptor-ref>
			<interceptor-ref name="defaultStack"></interceptor-ref>
			<interceptor-ref name="fileUpload">
				<param name="maximumSize">50000000</param>
			</interceptor-ref>
		</interceptor-stack>
	</interceptors>

	<default-interceptor-ref name="myStack"></default-interceptor-ref>

2：建立LoginInterceptor類 extends AbstractInterceptor    

package com.enet.fileter;

import java.net.URLDecoder;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts2.ServletActionContext;
import com.enet.action.UsersAction;
import com.enet.entity.Userinfo;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;


public class LoginInterceptor extends AbstractInterceptor {

	@Override
	public String intercept(ActionInvocation invaction) throws Exception {
		// TODO Auto-generated method stub
		HttpSession sessiona = ServletActionContext.getRequest().getSession();
		Map<String,Object> session= invaction.getInvocationContext().getSession();  
		System.out.println(session.toString());
		if(UsersAction.class == invaction.getAction().getClass()){
			 return invaction.invoke();  
		}
		Userinfo sss= (Userinfo)sessiona.getAttribute("user");
		Userinfo ss= (Userinfo) ServletActionContext.getRequest().getSession().getAttribute("user");
		
        if(sessiona.getAttribute("user") != null){  
            return invaction.invoke();  
        }else{  
            //若爲空，直接跳轉到登陸頁面  
            return Action.ERROR;  
        }  
	}
}

PS:這個session獲取的是JSP中的值，不是action中的

3：建立一個UserAction，有登陸和登出的方法

public String login(){
		HttpServletRequest httpRequest = ServletActionContext.getRequest();
		HttpSession httpSession = httpRequest.getSession();
		//加密
		user.setPassword(MD5Util.MD5(user.getPassword()));
		//判斷用戶名密碼是否正確，返回這個用戶的對象
		Xuser users=biz.getlogin(user);
		//查看是否有用戶
		if(users !=null){
             //查看判斷是否登陸過
			if(MyHttpSessionListener.OnLineSession.containsKey(users.getLoginname())){
				HttpSession session=MyHttpSessionListener.OnLineSession.get(users.getLoginname());
				if(!httpSession.getId().equals(session.getId())){
					session.invalidate();
				}
			}
			MyHttpSessionListener.OnLineSession.put(users.getLoginname(), httpSession);
			ServletActionContext.getRequest().getSession().setAttribute("user", users);
			return SUCCESS;
		}else{
			return ERROR;
		}
	}
	public String logout(){
		return ERROR;
	}

我是把用戶的名稱做爲KEY保存到Session中，

如今還有會有錯誤的，由於你沒有寫MyHttpSessionListener這個類

4：建立MyHttpSessionListener類 implements HttpSessionListener

package com.enet.fileter;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

@WebListener
public class MyHttpSessionListener implements HttpSessionListener {
	public static final Map<String, HttpSession> OnLineSession = new HashMap<String, HttpSession>();
	private int userNumber;
	//獲取人數
	@Override
	public void sessionCreated(HttpSessionEvent event) {
		// TODO Auto-generated method stub
		userNumber++;
		event.getSession().getServletContext().setAttribute("userNumber", userNumber);
	
	}

	@Override
	public void sessionDestroyed(HttpSessionEvent event) {
		HttpSession httpSession = event.getSession();
		for (String key : OnLineSession.keySet()) {
			if (httpSession.getId().equals(OnLineSession.get(key).getId())) {
				OnLineSession.remove(key);
				break;
			}
		}
	}

	
}

  PS：這個是清除session中的值，判斷key中是否有重複的值