可以通过SessionID和用户名来保证同一个用户不能同时登录的问题,下面程序模仿了QQ的登录,当登录后判断当前帐号是否已经登录,如果登录。则踢掉以前登录的用户。
重置sessionID
- private void createNewSession(HttpServletRequest request, HttpServletResponse response, EntCurrentUser entCurrentUser) throws Exception {
- HttpSession oldSession = request.getSession();
- Enumeration attrNames = oldSession.getAttributeNames();
- Map attrMap = new HashMap();
- while(attrNames != null && attrNames.hasMoreElements()) {
- String attrName = (String)attrNames.nextElement();
- attrMap.put(attrName, oldSession.getAttribute(attrName));
- }
- oldSession.invalidate();
- HttpSession newSession = request.getSession(true);
- Set keySet = attrMap.keySet();
- if(keySet != null && !keySet.isEmpty()) {
- Iterator it = keySet.iterator();
- while(it != null && it.hasNext()) {
- String key = (String)it.next();
- newSession.setAttribute(key, attrMap.get(key));
- }
- }
- if(entCurrentUser != null) {
- entCurrentUser.setNewSession(newSession);
- }
- }
参考资料: http://www.xuebuyuan.com/465665.html