用户:login.jsp à loginServlet à index.jsp
管理员: listUser.jsp à kickUserServlet
监听器:SessionAttributeListener
Bean: User
cn.class.domain.User
public class User {
private String username;
private String password;
public User(String username, String password) {
super();
this.username = username;
this.password = password;
}
public User() {
super();
// TODO Auto-generated constructor stub
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
login.jsp
<body>
<form action="${pageContext.request.contextPath}/servlet/LoginServlet" method="post">
用户名:<input type="text" name="username"/><br/>
密码:<input type="password" name="password"><br/>
<input type="submit" value="登录">
</form>
</body>
cn.class3g.web.servlet
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username=request.getParameter("username");
String password=request.getParameter("password");
User user=new User(username,password);
request.getSession().setAttribute("user",user);
//用重定向,不用再转发
response.sendRedirect(request.getContextPath()+"/index.jsp");
}
index.jsp
<body>
欢迎您:${user.username }
</body>
cn.class3g.web.listener
public class SessionAttributeListener implements HttpSessionAttributeListener {
public void attributeAdded(HttpSessionBindingEvent arg0) {
Object obj=arg0.getValue();
if(obj instanceof User){
HttpSession session=arg0.getSession();
ServletContext context=session.getServletContext();
Map map=(Map)session.getServletContext().getAttribute("map");
if(map==null){//第一个用户登录,此时还没有创建Map集合
map=new HashMap();
context.setAttribute("map",map);
}
User user=(User)obj;
//登录用户的用户名作为key,登录用户的session对象作为value
map.put(user.getUsername(), session);
}
}
public void attributeRemoved(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
public void attributeReplaced(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
}
listUser.jsp
<body>
当前的登录用户有:<br/>
<c:forEach var="me" items="${map}">
${me.key }
<a href="${pageContext.request.contextPath}/servlet/KickUserServlet?username=${me.key}">
踢死你!
</a><br/><br/>
</c:forEach>
</body>
cn.class3g.web.servlet
public class KickUserServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String username=request.getParameter("username");
Map map=(Map) this.getServletContext().getAttribute("map");
HttpSession session=(HttpSession) map.get(username);
if(session!=null){//开踢
session.invalidate();
map.remove(username);
}
request.getRequestDispatcher("/listUser.jsp").forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request,response);
}
}
测试流程:
1. 模仿用户登录(多个)
2. 模仿管理员访问listUser.jsp ,踢人
3. 用户重新刷新index.jsp ,发现session已被销毁