SSH版最大会话连接数

在登录方法中加入如下两行语句，作为程序的入口：

SessionListener.isAlreadyEnter(getHttpRequest().getSession(),this.getUserCode(),loginUser)

getHttpRequest().getSession().setAttribute("isLoginIn", "LoginIn");

在SessionListener类中做相关的踢出处理：

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletRequestEvent;
import javax.servlet.ServletRequestListener;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import org.apache.struts2.ServletActionContext;
import com.hhwy.iepip.framework.message.Message;
import com.opensymphony.xwork2.ActionContext;
public class SessionListener implements HttpSessionListener,ServletRequestListener,HttpSessionAttributeListener{
public static Map<String, HttpSession> sessionMap = new HashMap<String, HttpSession>();
public static Map<String, HttpSession> sessionMap1 = new HashMap<String, HttpSession>();
private static Boolean onlyOne = Boolean.valueOf(Message.getMessage("session.onlyone"));
private HttpServletRequest request ;
/**获取request对象*/
public void requestInitialized(ServletRequestEvent event) {
request = (HttpServletRequest)event.getServletRequest();
}
/**以下是实现HttpSessionListener中的方法:该方法登录与否都会执行**/
public void sessionCreated(HttpSessionEvent se){
}
/**以下是实现HttpSessionListener中的方法**/
public void sessionDestroyed(HttpSessionEvent se){
hUserName.remove(se.getSession().getId());
UserObject.remove(se.getSession().getId());
if(sessionMap!=null){
sessionMap.remove(se.getSession().getId());
}
if(sessionMap1!=null){
sessionMap1.remove(se.getSession().getId());
}
}
/**
* isAlreadyEnter-用于判断用户是否已经登录以及相应的处理方法
* <该方法是系统业务的方法，不是处理单个用户登录的问题，以该方法做为程序的入口>
*/
public static boolean isAlreadyEnter(HttpSession session,String sUserName,LoginUserInfo loginTriggers){
boolean flag = false;
return flag;
}
/**
* 此方法，可以在登录时候添加一个session 用以判断是否已经登录，然后再进行登录人登录控制
*/
public void attributeAdded(HttpSessionBindingEvent event) {
//如果只允许一个账号一处登陆,单台客户端电脑只允许一个用户登录
if(onlyOne.booleanValue()){
String name = event.getName();
if(name.equals("isLoginIn")){
// 单台客户端电脑只允许一个用户登录
String ipAddr = this.getIpAddr(request);
//如果原先已登录，则踢出原先登陆的
if(sessionMap1.containsKey(ipAddr) ){
try{
sessionMap1.get(ipAddr).invalidate();
}catch(Exception e){}
sessionMap1.remove(ipAddr);
}
if(ipAddr != null && event.getSession().isNew())
sessionMap1.put(ipAddr, event.getSession());
//只允许一个账号一个客户端登陆
String userName= getUserName(event);
if(sessionMap.containsKey(userName) ){
try{
sessionMap.get(userName).invalidate();
}catch(Exception e){}
sessionMap.remove(userName);
}
if(userName != null && event.getSession().isNew())
sessionMap.put(userName, event.getSession());
}
}
}
public static String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
/*获取session中存储的用户名*/
private String getUserName(HttpSessionBindingEvent se) {
String userName = null;
return userName;
}
public void attributeRemoved(HttpSessionBindingEvent event) {
// TODO Auto-generated method stub
}
public void attributeReplaced(HttpSessionBindingEvent arg0) {
// TODO Auto-generated method stub
}
public void requestDestroyed(ServletRequestEvent arg0) {
// TODO Auto-generated method stub
}