如果已经登录,则阻止登录用户访问 Web 应用程序 Struts 2
Prevent login user to web application if already login Struts 2
如果用户已经在使用 Struts2 框架的不同系统上登录,我如何阻止该用户登录?
如果您能够将 Spring Security 与您现有的应用程序集成,那么只需在配置中添加几行即可通过简单的配置来处理它。
将以下行添加到您的配置文件中
<http>
...
<session-management>
<concurrency-control max-sessions="1" />
</session-management>
</http>
它一次只允许一个用户登录,如果用户从不同的系统或浏览器登录,它会给出用户已达到最大登录限制的消息。
如果您 spring 安全不是一个选项,那么您可以使用以下选项。
Use a SessionInterceptor which will check for session validity, if
session is valid it will check if user is already logged in to the
application (for this you will have to maintain session somewhere for
eg database for every successful login), if valid login is found,
redirect user again to login page with custom message, or logout
already valid session and then redirect him to login again. If you
logout earlier session it would mean any successive action in that
browser session will have to deal with invalid session.
如果用户已经在使用 Struts2 框架的不同系统上登录,我如何阻止该用户登录?
如果您能够将 Spring Security 与您现有的应用程序集成,那么只需在配置中添加几行即可通过简单的配置来处理它。
将以下行添加到您的配置文件中
<http>
...
<session-management>
<concurrency-control max-sessions="1" />
</session-management>
</http>
它一次只允许一个用户登录,如果用户从不同的系统或浏览器登录,它会给出用户已达到最大登录限制的消息。
如果您 spring 安全不是一个选项,那么您可以使用以下选项。
Use a SessionInterceptor which will check for session validity, if session is valid it will check if user is already logged in to the application (for this you will have to maintain session somewhere for eg database for every successful login), if valid login is found, redirect user again to login page with custom message, or logout already valid session and then redirect him to login again. If you logout earlier session it would mean any successive action in that browser session will have to deal with invalid session.