如何阻止已经登录的用户从其他浏览器登录 [英] how to stop already signedIn user to sign in from other browser

问题描述

我的应用程序中有登录功能，我可以在会话中存储用户如果他已经在同一浏览器上登录，我也可以阻止用户登录.但是，如果登录用户尝试从不同的浏览器再次登录，我无法阻止他.

I have a login funcitonality in my application , where i am able to store the user in a session and i am also able to stop user to signIn , if he is already Signed in on the same browser .. But if a signedIn user tries to logIn again from a DIFFERENT browser i am not able to stop him .

这是代码..

我正在使用这个

             session=getThreadLocalRequest().getSession(true);
             User loggedInUser = (User) session.getAttribute("user");

现在，如果一个 loginedInUser 试图从另一个选项卡中的相同浏览器进入应用程序，那么这个 loginUser 有用户对象(所以它对我有用)

Now this loggedInUser have the user object if a loggedInUser tries to get in the application from the SAME browser in another tab (SO it works for me)

但是如果一个 loginedInUser 试图从不同的浏览器进入应用程序，那么这个 loggingInUser 是空的(所以它对我不起作用)

BUT this loggedInUser is null if a loggedInUser tries to get in the application from the DIFFERENT browser(SO its not working for me)

这是代码..

            public User signIn(String userid, String password)  {
    String result = "";
    ApplicationContext ctx = new ClassPathXmlApplicationContext(
    "applicationContext.xml");
    MySQLRdbHelper rdbHelper = (MySQLRdbHelper) ctx.getBean("ManagerTie");
    User user = (User) rdbHelper.getAuthentication(userid, password);
    if(user!=null)
    {
        session=getThreadLocalRequest().getSession(true);
        User loggedInUser = (User) session.getAttribute("user");

        if(loggedInUser != null && user.getId() == loggedInUser.getId()){
            user.setId(0);
        }else{
        session=getThreadLocalRequest().getSession(true);
        session.setAttribute("user", user);
        }


    }
    return user;

我使用的是 JAVA、GWT

I am using JAVA , GWT

推荐答案

是通过在服务器端存储 static 映射，其中存储 User Id 作为键和 Session 作为 value.

Yes by storing static map on server side,Which stores User Id as a key and Session as value.

这是直接从我的包中提取的工作代码.

Here is working code from my bag directly.

class SessionObject implements HttpSessionBindingListener {
        User loggedInUser;
        Logger log = Logger.getLogger(SessionObject.class);
        public SessionObject(User loggedInUser) {
            this.loggedInUser=loggedInUser;
        }
        public void valueBound(HttpSessionBindingEvent event) {
            LoggedInUserSessionUtil.getLogggedUserMap()
                                      .put(loggedInUser, event.getSession());
            return;
        }

        public void valueUnbound(HttpSessionBindingEvent event) { 
            try {
                LoggedInUserSessionUtil.removeLoggedUser(loggedInUser);
                return;
            } catch (IllegalStateException e) {
                e.printStackTrace();
            }
             }

    }

我关注的 Java 技巧 和 Java2s 链接，而我正在开发.

Java tip I followed and Java2s link while I developed.

这篇关于如何阻止已经登录的用户从其他浏览器登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！