In some specific cases, users are only allowed to log in in one place at the same time, then the relationship between the user and the corresponding sessionid will be recorded each time they log in, and at the same time, it will check whether the user has already logged in elsewhere before logging in (find out The previous record of the current user account and sessionid), if already logged in, the previous user will be removed. The org.frameworkset.security.session.SessionUtil
component of bboss session provides the following two APIs to support the function of removing user sessions:
//appcode corresponds to appcode in sessionconf.xml file, //If there is no configuration, the corresponding application context request.getContextpath(), if the context is /, the appcode must be specified as ROOT //The following methods can be called when the appcode is clearly known public static void removeSession(String sessionId,String appcode) //If you don't know the appcode, you can call the following method, remove the user session by passing in the request and the corresponding sessionid, and calculate the appcode according to the request object public static void removeSession(String sessionId,HttpServletRequest request)
Through any of the above methods, the user session corresponding to the sessionId can be eliminated. Use reference code:
<%@page import="org.frameworkset.security.session.SessionUtil"%>
<%@ page contentType="text/html; charset=UTF-8"%>
<%@page import="test.*"%>
<%
String sessionId = request.getParameter("sessionId");
if(sessionId != null)
{
SessionUtil.removeSession(sessionId, request);
}
%>