通过Java锁定oracle中的登录用户 [英] lock logged in user in oracle by java

问题描述

我在jsp，servlet和db中有一个Java Web应用程序，它是oracle 10g EE.在登录时，如果一个用户已经登录，那么我如何才能阻止同一用户再次登录，除非注销?

i have one java web application in jsp and servlet and db as oracle 10g EE. In login if one user has been logged in then how can i prevent same user from logging again unless sign out?

注意::我不是不是告诉我，如果已登录的用户单击登录页面，则立即将其转发到其主页.

Note: I am not telling that if a logged in user will click on login page then immediately he would be forwarded to his home page.

我问的是，如果他已经登录，我该如何防止该登录用户再次登录.假设用户A已登录到db(退出未完成)，那么用户B尝试登录到db与用户A的用户ID和密码一起使用，那么将仅阻止用户B登录.我该如何实现?

I am asking is how can i prevent that logged in user to login again if he is already logged in. Suppose user A is already logged in into the db(sign out not done), then user B tries to login in to db with the user id and password of user A, then simply user B will be prevented from login. How do i implement that?

推荐答案

让数据库完成自己的工作！

Let the database do it's own job!

(此解决方案假定您可以从DBA获得帮助；或者您具有对数据库的SYSDBA访问权限.)

(This solution assumes that you can get help from DBAs; or you have SYSDBA access to the database.)

首先创建一个配置文件，每个用户只允许一个会话:

First create a profile that allows only 1 session per user:

CREATE PROFILE single_session_profile
       LIMIT SESSIONS_PER_USER 1;

然后使用正确的个人资料创建用户或更改现有用户以使用个人资料:

Then create the user with the right profile or alter an existing user to use the profile:

CREATE USER user_a
       IDENTIFIED BY user_id
       DEFAULT TABLESPACE users
       TEMPORARY TABLESPACE temp
       QUOTA UNLIMITED ON users
       PROFILE single_session_profile;

或

ALTER  USER user_a
       PROFILE single_session_profile;

最后，数据库需要遵守以下限制:

Finally, the database needs to be observe these limits:

ALTER  SYSTEM SET RESOURCE_LIMIT = TRUE SCOPE = MEMORY;

(SCOPE = MEMORY为当前正在运行的数据库实例启用限制实施；如果要使其具有持久性，即在数据库重新启动后启用，则需要使用SCOPE = BOTH，其中BOTH表示MEMORY和SPFILE，即数据库初始化文件，如果数据库不使用新的SPFILE格式，但是使用旧的PFILE(init.ora)，则需要将RESOURCE_LIMIT设置添加到init.ora并重新启动数据库.)

(SCOPE = MEMORY enables limit enforcement for the currently running database instance; if you want to make it persistent, i.e. enabled after a database restart, you need to use SCOPE = BOTH where BOTH means both MEMORY and SPFILE, i.e. DB initialization file. If the database does not use the new SPFILE format, but the old PFILE (init.ora), then you need to add the RESOURCE_LIMIT setting to the init.ora and restart the database.)

就是这样.如果user_a尝试登录两次，它将得到:

That's it. If a user_a tries to log in twice, it will get:

ORA-02391: exceeded simultaneous SESSIONS_PER_USER limit

这篇关于通过Java锁定oracle中的登录用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！