添加ui，踢出用户的拦截器

Author: z77z

pom.xml

@@ -36,6 +36,12 @@
 <artifactId>tomcat-embed-jasper</artifactId>
 <scope>provided</scope>
 </dependency>
+
+<!-- jstl标签 -->
+<dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>jstl</artifactId>
+ </dependency>
 
 <dependency>
 <groupId>org.mybatis.spring.boot</groupId>

src/main/java/io/z77z/config/ShiroConfig.java

@@ -3,11 +3,14 @@
 import io.z77z.entity.SysPermissionInit;
 import io.z77z.service.SysPermissionInitService;
 import io.z77z.shiro.MyShiroRealm;
+import io.z77z.shiro.filter.KickoutSessionControlFilter;
 
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 
+import javax.servlet.Filter;
+
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.CookieRememberMeManager;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
@@ -62,7 +65,13 @@ public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
 shiroFilterFactoryBean.setSuccessUrl("/index");
 // 未授权界面;
 shiroFilterFactoryBean.setUnauthorizedUrl("/403");
-
+
+//自定义拦截器
+Map<String, Filter> filtersMap = new LinkedHashMap<String, Filter>();
+//限制同一帐号同时在线的个数。
+filtersMap.put("kickout", kickoutSessionControlFilter());
+shiroFilterFactoryBean.setFilters(filtersMap);
+
 // 权限控制map.
 Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
 // 配置不会被拦截的链接 顺序判断
@@ -94,7 +103,7 @@ public SecurityManager securityManager() {
 // 自定义缓存实现 使用redis
 securityManager.setCacheManager(cacheManager());
 // 自定义session管理 使用redis
-securityManager.setSessionManager(SessionManager());
+securityManager.setSessionManager(sessionManager());
 //注入记住我管理器;
  securityManager.setRememberMeManager(rememberMeManager());
 return securityManager;
@@ -149,7 +158,7 @@ public RedisSessionDAO redisSessionDAO() {
 /**
  * Session Manager
  */
-public DefaultWebSessionManager SessionManager() {
+public DefaultWebSessionManager sessionManager() {
 DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
 sessionManager.setSessionDAO(redisSessionDAO());
 //设置seesion有效时间
@@ -180,4 +189,25 @@ public CookieRememberMeManager rememberMeManager(){
  cookieRememberMeManager.setCipherKey(Base64.decode("3AvVhmFLUs0KTA3Kprsdag=="));
  return cookieRememberMeManager;
  }
+ 
+ /**
+ * 限制同一账号登录同时登录人数控制
+ * @return
+ */
+ public KickoutSessionControlFilter kickoutSessionControlFilter(){
+ KickoutSessionControlFilter kickoutSessionControlFilter = new KickoutSessionControlFilter();
+ //使用cacheManager获取相应的cache来缓存用户登录的会话；用于保存用户—会话之间的关系的；
+ //这里我们还是用之前shiro使用的redisManager()实现的cacheManager()缓存管理
+ //也可以重新另写一个，重新配置缓存时间之类的自定义缓存属性
+ kickoutSessionControlFilter.setCacheManager(cacheManager());
+ //用于根据会话ID，获取会话进行踢出操作的；
+ kickoutSessionControlFilter.setSessionManager(sessionManager());
+ //是否踢出后来登录的，默认是false；即后者登录的用户踢出前者登录的用户；踢出顺序。
+ kickoutSessionControlFilter.setKickoutAfter(false);
+ //同一个用户最大的会话数，默认1；比如2的意思是同一个用户允许最多同时两个人登录；
+ kickoutSessionControlFilter.setMaxSession(1);
+ //被踢出后重定向到的地址；
+ kickoutSessionControlFilter.setKickoutUrl("/kickout");
+ return kickoutSessionControlFilter;
+ }
 }

src/main/java/io/z77z/controller/LoginController.java renamed to src/main/java/io/z77z/controller/UserController.java

@@ -28,39 +28,56 @@
  * @date 创建时间：2017年2月10日 下午1:32:02
  */
 @Controller
-public class LoginController {
+public class UserController {
 
 @Autowired
 ShiroService shiroService;
 
+//首页
 @RequestMapping(value="index")
 public String index() {
 return "index";
 }
-
+
+//登录
 @RequestMapping(value="login")
 public String login() {
 return "login";
 }
 
-
+//权限测试用
 @RequestMapping(value="add")
 public String add() {
 return "add";
 }
 
+//未授权跳转的页面
 @RequestMapping(value="403")
 public String noPermissions() {
 return "403";
 }
 
+//更新权限
 @RequestMapping(value="updatePermission")
 @ResponseBody
 public String updatePermission() {
 shiroService.updatePermission();
 return "true";
 }
 
+//踢出用户
+@RequestMapping(value="kickouting")
+@ResponseBody
+public String kickouting() {
+
+return "kickout";
+}
+
+//被踢出后跳转的页面
+@RequestMapping(value="kickout")
+public String kickout() {
+return "kickout";
+}
 
 /**
  * ajax登录请求

src/main/java/io/z77z/shiro/filter/KickoutSessionControlFilter.java

@@ -0,0 +1,124 @@
+package io.z77z.shiro.filter;
+
+import org.apache.shiro.cache.Cache;
+import org.apache.shiro.cache.CacheManager;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.session.mgt.DefaultSessionKey;
+import org.apache.shiro.session.mgt.SessionManager;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.filter.AccessControlFilter;
+import org.apache.shiro.web.util.WebUtils;
+
+import io.z77z.entity.SysUser;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import java.io.Serializable;
+import java.util.Deque;
+
+/**
+ * @author 作者 z77z
+ * @date 创建时间：2017年3月5日 下午1:16:38
+ * 1.读取当前登录用户名，获取在缓存中的sessionId队列
+ * 2.判断队列的长度，大于最大登录限制的时候，按踢出规则
+ * 将之前的sessionId中的session域中存入kickout：true，并更新队列缓存
+ * 3.判断当前登录的session域中的kickout如果为true，
+ * 想将其做退出登录处理，然后再重定向到踢出登录提示页面
+ */
+public class KickoutSessionControlFilter extends AccessControlFilter {
+
+ private String kickoutUrl; //踢出后到的地址
+ private boolean kickoutAfter = false; //踢出之前登录的/之后登录的用户 默认踢出之前登录的用户
+ private int maxSession = 1; //同一个帐号最大会话数 默认1
+
+ private SessionManager sessionManager;
+ private Cache<String, Deque<Serializable>> cache;
+
+ public void setKickoutUrl(String kickoutUrl) {
+ this.kickoutUrl = kickoutUrl;
+ }
+
+ public void setKickoutAfter(boolean kickoutAfter) {
+ this.kickoutAfter = kickoutAfter;
+ }
+
+ public void setMaxSession(int maxSession) {
+ this.maxSession = maxSession;
+ }
+
+ public void setSessionManager(SessionManager sessionManager) {
+ this.sessionManager = sessionManager;
+ }
+ //设置Cache的key的前缀
+ public void setCacheManager(CacheManager cacheManager) {
+ this.cache = cacheManager.getCache("shiro_redis_cache");
+ }
+
+ @Override
+ protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
+ return false;
+ }
+
+ @Override
+ protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+ Subject subject = getSubject(request, response);
+ if(!subject.isAuthenticated() && !subject.isRemembered()) {
+ //如果没有登录，直接进行之后的流程
+ return true;
+ }
+
+ Session session = subject.getSession();
+ SysUser user = (SysUser) subject.getPrincipal();
+ String username = user.getNickname();
+ Serializable sessionId = session.getId();
+
+ //读取缓存 没有就存入
+ Deque<Serializable> deque = cache.get(username);
+ 
+ //如果队列里没有此sessionId，且用户没有被踢出；放入队列
+ if(!deque.contains(sessionId) && session.getAttribute("kickout") == null) {
+ //将sessionId存入队列
+ deque.push(sessionId);
+ //将用户的sessionId队列缓存
+ cache.put(username, deque);
+ }
+
+ //如果队列里的sessionId数超出最大会话数，开始踢人
+ while(deque.size() > maxSession) {
+ Serializable kickoutSessionId = null;
+ if(kickoutAfter) { //如果踢出后者
+ kickoutSessionId = deque.removeFirst();
+ } else { //否则踢出前者
+ kickoutSessionId = deque.removeLast();
+ }
+ //踢出后再更新下缓存队列
+ cache.put(username, deque);
+ 
+ 
+ try {
+ //获取被踢出的sessionId的session对象
+ Session kickoutSession = sessionManager.getSession(new DefaultSessionKey(kickoutSessionId));
+ if(kickoutSession != null) {
+ //设置会话的kickout属性表示踢出了
+ kickoutSession.setAttribute("kickout", true);
+ }
+ } catch (Exception e) {//ignore exception
+ }
+ }
+
+ //如果被踢出了，直接退出，重定向到踢出后的地址
+ if ((Boolean)session.getAttribute("kickout")!=null&&(Boolean)session.getAttribute("kickout") == true) {
+ //会话被踢出了
+ try {
+ //退出登录
+ subject.logout();
+ } catch (Exception e) { //ignore
+ }
+ saveRequest(request);
+ //重定向
+ WebUtils.issueRedirect(request, response, kickoutUrl);
+ return false;
+ }
+ return true;
+ }
+}

src/main/webapp/WEB-INF/view/add.jsp

@@ -15,6 +15,17 @@
 <title>Insert title here</title>
 </head>
 <body>
-具有添加权限
+具有添加权限 
+
+<input type="button" id="updatePermission" value="更新链接权限" />
 </body>
+<script type="text/javascript">
+$("#updatePermission").click(function(){
+$.post("/updatePermission", {}, function(result) {
+if (result == "true") {
+alert("权限更新成功！！");
+}
+});
+});
+</script>
 </html>

src/main/webapp/WEB-INF/view/index.jsp

@@ -1,39 +1,60 @@
-<%@ page language="java" contentType="text/html; charset=UTF-8"
-pageEncoding="UTF-8"%>
-<%
-String path = request.getContextPath();
-String basePath = request.getScheme() + "://"
-+ request.getServerName() + ":" + request.getServerPort()
-+ path;
-%>
-<!DOCTYPE html>
+<!DOCTYPE HTML>
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
 <html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<script type="text/javascript"
-src="<%=basePath%>/static/js/jquery-1.11.3.js"></script>
-<title>Insert title here</title>
-</head>
-<body>
-helloJsp
-<hr>${user}
-<input type="button" id="logout" value="退出登录" />
-<input type="button" id="updatePermission" value="更新链接权限" />
-<input type="button" id="add" value="访问权限页面" />
-</body>
-<script type="text/javascript">
-$("#logout").click(function(){
-location.href="/logout";
-});
-$("#updatePermission").click(function(){
-$.post("/updatePermission", {}, function(result) {
-if (result == "true") {
-alert("权限更新成功！！");
-}
-});
-});
-$("#add").click(function(){
-location.href="/add";
-});
-</script>
+ <head>
+ <title>z77z后台管理|首页</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <link href="<%=request.getContextPath()%>/static/assets/css/dpl-min.css" rel="stylesheet" type="text/css" />
+ <link href="<%=request.getContextPath()%>/static/assets/css/bui-min.css" rel="stylesheet" type="text/css" />
+ <link href="<%=request.getContextPath()%>/static/assets/css/main.css" rel="stylesheet" type="text/css" />
+ </head>
+ <body>
+ <div class="header">
+ <div class="dl-title">
+ <a href="http://z77z.oschina.io/" title="个人博客地址" target="_blank">
+ <span class="lp-title-port">z77z</span><span class="dl-title-text">后台管理系统</span>
+ </a>
+ </div>
+ <div class="dl-log">欢迎您，<span class="dl-log-user">王二</span>
+	<span class="admin">（管理员）</span>
+ <a href="logout" title="退出系统" class="dl-log-quit">[退出]</a>
+ </div>
+ </div>
+ <div class="content">
+ <div class="dl-main-nav">
+ <ul id="J_Nav" class="nav-list ks-clear">
+ <li class="nav-item dl-selected"><div class="nav-item-inner nav-storage">首页</div></li>
+ </ul>
+ </div>
+ <ul id="J_NavContent" class="dl-tab-conten">
+ </ul>
+ </div>
+ <script type="text/javascript" src="<%=request.getContextPath()%>/static/assets/js/jquery-1.8.1.min.js"></script>
+ <script type="text/javascript" src="<%=request.getContextPath()%>/static/assets/js/bui-min.js"></script>
+ <script type="text/javascript" src="<%=request.getContextPath()%>/static/assets/js/config-min.js"></script>
+ <script type="text/javascript" src="<%=request.getContextPath()%>/static/lib/layer/1.9.3/layer.js"></script>
+ <script>
+//学生登录
+BUI.use('common/main',function(){
+ var config = [{
+ id:'system',
+ menu:[{
+ text:'系统管理',
+ items:[
+ {id:'yhgl',text:'用户管理',href:'/StuSystem/score/xsgrcjcx?studentId=' + '${userbean.userId}'},
+ {id:'qxgl',text:'权限管理',href:'/StuSystem/score/scoreone?page=1&studentId=' + '${userbean.userId}' },
+{id:'jsgl',text:'角色管理',href:'/StuSystem/student/studentone?stuId=' + '${userbean.userId}' },
+{id:'csqxgl',text:'初始权限管理',href:'/StuSystem/user/dlmmxg'},
+{id:'zxyhgl',text:'在线用户管理',href:'/StuSystem/user/dlmmxg'},
+{id:'qxcsym',text:'权限测试页面',href:'/add'}
+ ]
+ }]
+ }];
+ new PageUtil.MainPage({
+ modulesConfig : config
+ });
+ });
+ </script>
+ </body>
 </html>