通过Java锁定oracle中的登录用户 [英] lock logged in user in oracle by java
问题描述
我在jsp,servlet和db中有一个Java Web应用程序,它是oracle 10g EE.在登录时,如果一个用户已经登录,那么我如何才能阻止同一用户再次登录,除非注销?
i have one java web application in jsp and servlet and db as oracle 10g EE. In login if one user has been logged in then how can i prevent same user from logging again unless sign out?
注意::我不是不是告诉我,如果已登录的用户单击登录页面,则立即将其转发到其主页.
Note: I am not telling that if a logged in user will click on login page then immediately he would be forwarded to his home page.
我问的是,如果他已经登录,我该如何防止该登录用户再次登录.假设用户A已登录到db(退出未完成),那么用户B尝试登录到db与用户A的用户ID和密码一起使用,那么将仅阻止用户B登录.我该如何实现?
I am asking is how can i prevent that logged in user to login again if he is already logged in. Suppose user A is already logged in into the db(sign out not done), then user B tries to login in to db with the user id and password of user A, then simply user B will be prevented from login. How do i implement that?
推荐答案
让数据库完成自己的工作!
Let the database do it's own job!
(此解决方案假定您可以从DBA获得帮助;或者您具有对数据库的SYSDBA访问权限.)
(This solution assumes that you can get help from DBAs; or you have SYSDBA access to the database.)
首先创建一个配置文件,每个用户只允许一个会话:
First create a profile that allows only 1 session per user:
CREATE PROFILE single_session_profile
LIMIT SESSIONS_PER_USER 1;
然后使用正确的个人资料创建用户或更改现有用户以使用个人资料:
Then create the user with the right profile or alter an existing user to use the profile:
CREATE USER user_a
IDENTIFIED BY user_id
DEFAULT TABLESPACE users
TEMPORARY TABLESPACE temp
QUOTA UNLIMITED ON users
PROFILE single_session_profile;
或
ALTER USER user_a
PROFILE single_session_profile;
最后,数据库需要遵守以下限制:
Finally, the database needs to be observe these limits:
ALTER SYSTEM SET RESOURCE_LIMIT = TRUE SCOPE = MEMORY;
(SCOPE = MEMORY
为当前正在运行的数据库实例启用限制实施;如果要使其具有持久性,即在数据库重新启动后启用,则需要使用SCOPE = BOTH
,其中BOTH
表示MEMORY
和SPFILE
,即数据库初始化文件,如果数据库不使用新的SPFILE
格式,但是使用旧的PFILE
(init.ora
),则需要将RESOURCE_LIMIT
设置添加到init.ora
并重新启动数据库.)
(SCOPE = MEMORY
enables limit enforcement for the currently running database instance; if you want to make it persistent, i.e. enabled after a database restart, you need to use SCOPE = BOTH
where BOTH
means both MEMORY
and SPFILE
, i.e. DB initialization file. If the database does not use the new SPFILE
format, but the old PFILE
(init.ora
), then you need to add the RESOURCE_LIMIT
setting to the init.ora
and restart the database.)
就是这样.如果user_a
尝试登录两次,它将得到:
That's it. If a user_a
tries to log in twice, it will get:
ORA-02391: exceeded simultaneous SESSIONS_PER_USER limit
这篇关于通过Java锁定oracle中的登录用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!