如果他再次在相同或不同的浏览器上登录,如何注销用户的上一个会话 [英] How to logout previous session of a user,if he logins again on same or different browser
问题描述
我有一个查询,我希望如果用户已经登录到网页并再次从相同或不同的机器重新登录,那么他的上一个会话应该被杀死并自动登录到主页面。我在客户端使用jquery,在后端使用servlet。我使用tomcat 6作为web服务器和jdk1.6编译器。我只是想像雅虎那样,如果用户从某台机器进入并且下次再次从其他机器或同一台机器登录时,他会从previos会话自动注销并重定向到主页面。请告诉我如何实现它。
I have a query, I want that if a user is already logged in to a web page and again he Relogins from same or different machine then his previous session should be killed and automatically he gets log out to main page. I'm using jquery at client side and servlets at backend. I'm using tomcat 6 as web server and jdk1.6 compiler. I just want as yahoo does, if a user is lodged in from some machine and next time he again logs in from some other or same machine he gets logs out automatically from previos session and is redirected to main page. Please tell how can i implement that.
推荐答案
这是我用来检测不同机器登录的非常人为的方法
Here is my really contrived method for detecting different machine logins
-
当用户登录时,为他生成一个哈希密钥,将其存储在他的会话中,并存储在数据库中。数据库只为用户存储一个hashkey(它不是登录历史记录)
When the user logs in, generate a hash key for him, store it in his session, and in the database. The database only stores one the hashkey for the user (it's not a history of login)
每当用户访问一个页面时,检查一下该方法中的哈希键。 session匹配数据库中的那个
Whenever the user accesses a page, check that the hash key in the session matches the one in the database
如果匹配,一切都很好。
If it matches,all is well.
如果不匹配,则不是来自同一台机器;因为如果用户在其他地方登录,将生成一个新的密钥,并将替换数据库中的密钥。
If it does not matches, it is not from the same machine; because if the user logins elsewhere, a new hashkey would be generated and would replace the one in the database.
4a 。告诉原始机器上的用户你已经登录到其他地方并取消设置那里的所有会话(即,将他注销)。但这只是在下一页刷新 - 如果你使用AJAX可以避免
4a. Tell the user on the original machine that 'You have been logged into somewhere else' and unset all the session there (that is, log him out). But that is only on the next page refresh - which can be avoided if you use AJAX
至于相同的登录 - 如果用户试图登录该网站已登录,只显示他已登录的消息?如果他再次登录会刷新会话数据的意图是什么(我们是否在谈论同一用户在同一台机器上登录同一站点?)
As for same login - if the user tries to login into the site while he is already logged in, just display a message that he's already logged in? What's the intent of flushing the session data if he logs in again (are we talking about the same user logging into the same site on the same machine here?)
这篇关于如果他再次在相同或不同的浏览器上登录,如何注销用户的上一个会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
