Я буду стараться изо всех сил, чтобы объяснить ошибку, которая произошла в моем веб-приложении.
"Если пользователь A входит в систему первым после того, как этот пользователь B имеет учетную запись на отдельном ПК / мобильном устройстве, если пользователь A нажимаетпри выходе из системы, он также завершает сеанс входа пользователя B. "
Я знаю, что это проблема, связанная с сеансом, но в данный момент я новичок в сеансе, поэтому любезно помогите мне решить эту проблему.
Вот код контроллера
@Controller public class MainController {
// CREATING REFERENCE
private UserRepository userRepository;
private SendServiceImpl sendService;
private SmsRepository smsRepository;
private IncomingUrlRepository incomingUrlRepository;
private OutgoingUrlRepository outgoingUrlRepository;
private IncomingUrl incomingUrlObj;
private OutgoingUrl outgoingUrlObj;
private ActivityLogsRepository activityLogsRepositoryObj;
// CREATING OBJECTS OF DIFFERENT CLASS
Users userObj = new Users();
Validation validationObj = new Validation();
OneTimePassword oneTimePasswordObj = new OneTimePassword();
Utility utility = new Utility();
Sms outgoingSmsObj = new Sms();
Activities activitiesObj = new Activities();
ActivityLogs activityLogsObj ;
ActivityType activityTypeObj ;
HttpSession session = null;
// CREATING LOGGER
private static final Logger logger = LogManager.getLogger(MainController.class);
public static int loginAttemptCount = 0;
public static int maxLoginAttemptCount = 3;
@Autowired
public MainController(UserRepository userRepository,SmsRepository smsRepository,IncomingUrlRepository incomingUrlRepository,OutgoingUrlRepository outgoingUrlRepository,ActivityLogsRepository activityLogsRepository)
{
this.userRepository = userRepository;
this.smsRepository = smsRepository;
this.incomingUrlRepository = incomingUrlRepository;
this.outgoingUrlRepository = outgoingUrlRepository;
this.activityLogsRepositoryObj = activityLogsRepository;
}
// SHOW LOGIN PAGE
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(HttpServletRequest request)
{
// FETCH URL INFORMATION
incomingUrlObj = new IncomingUrl();
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
// SAVE URL INFORMATION IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
return "index";
}
// SHOW LOGIN PAGE EVEN IF SOMEONE TRIES TO ACCESS DIRECTLY HOME PAGE
@RequestMapping(value = "/home", method = RequestMethod.GET)
public String home(HttpServletRequest request)
{
// FETCH URL INFORMATION
incomingUrlObj = new IncomingUrl();
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
// SAVE URL INFORMATION IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
session = request.getSession(false);
if(session == null)
{
return "index";
}
return "home";
}
@RequestMapping(value = "/result", method = RequestMethod.GET)
public String result(HttpServletRequest request)
{
// FETCH URL INFORMATION
incomingUrlObj = new IncomingUrl();
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
// SAVE URL INFORMATION IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
if(session.getAttribute("challengekey_1") == "" || session.getAttribute("challengekey_1")== null)
{
return "index";
}
return "result";
}
// SHOW GENERATE PASSWORD PAGE
@RequestMapping(value = "/GeneratePassword", method = RequestMethod.GET)
public String generatePassword(HttpServletRequest request)
{
incomingUrlObj = new IncomingUrl();
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
// SAVE URL INFORMATION IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
return "GeneratePassword";
}
// HANDLE LOGIN POST REQUEST
@RequestMapping(value = "/login", method = RequestMethod.POST)
public ModelAndView login(@ModelAttribute(name = "loginForm") Login login, Model model,HttpServletRequest req)
{
// FETCH URL INFORMATION
incomingUrlObj = new IncomingUrl();
incomingUrlObj.fetchURLInformation(incomingUrlObj, req);
activityLogsObj = new ActivityLogs();
activityTypeObj = new ActivityType();
logger.info("REQUESTED METHOD :" + incomingUrlObj.getHttpMethod());
logger.info("REQUESTED URL :" + incomingUrlObj.getUrlText());
logger.info("REQUESTED QUERY STRING :" + incomingUrlObj.getUrlQueryString());
logger.info("IP ADDRESS :" + incomingUrlObj.getIpAddress());
logger.info("IP TRACE GEO LOCATION :" + incomingUrlObj.getIpTraceGeoLocation());
logger.info("REQUEST TIME :" + incomingUrlObj.getIncomingUrlTime());
String mobileNumber = login.getMobileNumber();
String password = login.getPassword();
logger.info("MOBILE NUMBER :"+ mobileNumber);
// ENCRYPT THE PASSOWRD
String encryptPassword = PasswordHashing.cryptWithMD5(password);
// APPEND LOGIN DETAILS IN URL TEXT
StringBuilder sb = new StringBuilder();
sb.append("/mobileNumber :"+ mobileNumber+"/password :"+ encryptPassword);
// SET STRING BUILDER IN URL OBJ
incomingUrlObj.setUrlText(incomingUrlObj.getUrlText()+sb.toString());
// SAVE INFORMATION IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
// FETCH USER DETAILS BY MOBILE NUMBER
/*
* findByUserMobileNumber -> If Mobile Number Exist in Database it will return the details of the user in userObj
-> If Mobile Number Doesn't Exist then it will return null
*/
if(userRepository.findByuserMobileNumber(mobileNumber) == null)
{
logger.info("USER DOES NOT EXIST");
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_User_Not_Registered, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "User Is Not Registered");
return modelAndView;
}
else if(userRepository.findByuserMobileNumberAndPassword(mobileNumber, encryptPassword) == null)
{
logger.info("USER ENTERED WRONG PASSWORD");
/*ON FAILED LOGIN ATTEMPT INCREASE THE LOGIN ATTEMPT COUNT
* UPDATE IT IN USERS TABLE
* */
loginAttemptCount = loginAttemptCount +1;
// update the same in users table
int updateCount = userRepository.updateLoginAttemptCount(loginAttemptCount,mobileNumber);
logger.info("UPDATE COUNT FOR FAILED LOOGIN ATTEMPT :"+ updateCount);
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_Invalid_Password, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "Invalid Password Entered");
return modelAndView;
}
else
{
// USER IS REGISTERED => BOTH MOBILE NUMBER AND PASSWORD
// FETCH THE USER DETAILS
userObj = userRepository.findByuserMobileNumberAndPassword(mobileNumber, encryptPassword);
if(userObj.getActive() !=1)
{
// USER IS IN-ACTIVE
// SHOW APPROPIATE MESSAGE TO USER -> LOGIN FAILED
// UPDATE THE LOGIN ATTEMPT COUNT
loginAttemptCount = loginAttemptCount+1;
// UPDATE THE LOGIN ATTEMPT COUNT VALUE
userRepository.updateLoginAttemptCount(loginAttemptCount, mobileNumber);
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_User_InActive, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
// SHOW THE APPROPIATE MESSAGE TO USER
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "User Registered But InActive");
return modelAndView;
}
else if(userObj.isPasswordEnable() !=1)
{
// USER'S PASSWORD IS NOT ENABLE
// UPDATE THE LOGIN ATTEMPT COUNT
loginAttemptCount = loginAttemptCount+1;
// UPDATE THE LOGIN ATTEMPT COUNT VALUE
userRepository.updateLoginAttemptCount(loginAttemptCount, mobileNumber);
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_Password_Disable, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
// SHOW APPROPIATE MESSAGE TO USER -> LOGIN FAILED
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "User Registered But Password Is Disable");
return modelAndView;
}
else if((userObj.getLoginAttemptCount() >= maxLoginAttemptCount))
{
// UPDATE THE LOGIN ATTEMPT COUNT
loginAttemptCount = loginAttemptCount+1;
// UPDATE THE LOGIN ATTEMPT COUNT VALUE
userRepository.updateLoginAttemptCount(loginAttemptCount, mobileNumber);
// DISABLE USER FOR FURTHER LOGIN ATTEMPTS
userRepository.updateLoginEnableFlag(false, mobileNumber);
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_MaxLoginAttempt_Reached, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "Max Login Attempt Reached! User is Blocked");
return modelAndView;
}
else if(userObj.isOtpOnWebLoginEnable() == false)
{
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Failed_MaxLoginAttempt_Reached, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("message", "Max Login Attempt Reached! User is Blocked");
return modelAndView;
}
else
{
// LOGIN SUCCESSFULL
logger.info("USER EXIST");
// SET VALUE IN SESSION
session = req.getSession();
session.setAttribute("mobile_number", mobileNumber);
session.setAttribute("userName", userObj.getUserName());
session.setAttribute("challengekey_1", "");
session.setAttribute("challengekey_2", "");
// SET THE LOGIN ATTEMPT COUNT BACK TO ZERO
userRepository.updateLoginAttemptCount(0, mobileNumber);
// ENABLE OTP ON WEB LOGIN
userRepository.updateLoginEnableFlag(true, mobileNumber);
// CREATE ACTIVITY DESCRIPTION
activitiesObj.createActivityLogDescription(activityTypeObj, activityType.Login_Successfull, activityLogsObj, userObj, mobileNumber);
// SAVE ACTIVITY IN DATABASE
activityLogsRepositoryObj.save(activityLogsObj);
// GO TO HOME PAGE
ModelAndView modelAndView = new ModelAndView("home");
modelAndView.addObject("message", "");
return modelAndView;
}
}
}
// HANDLE HOME PAGE PST REQUEST
@RequestMapping(value="/home",method = RequestMethod.POST)
public ModelAndView home(@ModelAttribute(name="sendChallengeKeyForm") Message message, Model model,HttpServletRequest request)
{
// CREATE INCOMING AND OUTGOING URL OBJECT
incomingUrlObj = new IncomingUrl();
outgoingUrlObj = new OutgoingUrl();
SendServiceImpl sendServiceObj= new SendServiceImpl(message, userObj);
String challengeKey1 = null;
String challengeKey2 = null;
String messageTag = null;
String pumpSerialNumber = null;
messageTag = message.getMessageTag();
logger.debug("LOGGED IN MOBILE NUMBER :"+ userObj.getUserMobileNumber());
logger.info("MESSAGE TAG : "+ messageTag);
if(messageTag.equalsIgnoreCase("test otp"))
{
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
StringBuilder sb = new StringBuilder();
sb.append(incomingUrlObj.getUrlText() + "/Message Tag :"+ messageTag);
sb.append("/Mobile Number:"+ userObj.getUserMobileNumber());
// SET IN URL OBJECT
incomingUrlObj.setUrlText(sb.toString());
// SAVE THE REQUEST IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
long incomingURLId = incomingUrlObj.getUrlId();
logger.info("INCOMING URL ID :"+ incomingURLId);
boolean isInfoFilled = outgoingUrlObj.fillOutgoingURLInfo(outgoingUrlObj, incomingUrlObj, userObj, sb);
logger.info("IS INFO FILLED IN OUTGOING URL OBJECT :"+isInfoFilled);
// CALL SEND CHALLENGE KEYS METHOD
outgoingUrlObj = sendServiceObj.sendChallengeKeys(outgoingUrlObj);
String messageFromServer = outgoingUrlObj.getHttpResponseString();
logger.info("Message From Server :"+ messageFromServer);
//SAVE THE OUTGOING URL DETAILS IN DB
outgoingUrlRepository.save(outgoingUrlObj);
ModelAndView modelAndView = new ModelAndView("result");
modelAndView.addObject("messageFromServer", messageFromServer);
return modelAndView;
}
else if(messageTag.equalsIgnoreCase("pump"))
{
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
StringBuilder sb = new StringBuilder();
sb.append(incomingUrlObj.getUrlText() + "/Message Tag :"+ messageTag);
sb.append("/Pump Serial Number:"+ pumpSerialNumber);
// SET IN URL OBJECT
incomingUrlObj.setUrlText(sb.toString());
// SAVE THE REQUEST IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
long incomingURLId = incomingUrlObj.getUrlId();
logger.info("INCOMING URL ID :"+ incomingURLId);
boolean isInfoFilled = outgoingUrlObj.fillOutgoingURLInfo(outgoingUrlObj, incomingUrlObj, userObj, sb);
logger.info("IS INFO FILLED IN OUTGOING URL OBJECT :"+isInfoFilled);
// CALL SEND CHALLENGE KEYS METHOD
outgoingUrlObj = sendServiceObj.sendChallengeKeys(outgoingUrlObj);
String messageFromServer = outgoingUrlObj.getHttpResponseString();
//SAVE THE OUTGOING URL DETAILS IN DB
outgoingUrlRepository.save(outgoingUrlObj);
ModelAndView modelAndView = new ModelAndView("result");
modelAndView.addObject("messageFromServer", messageFromServer);
return modelAndView;
}
else
{
// FETCH URL INFORMATION
challengeKey1 = message.getChallengeKey1();
challengeKey2 = message.getChallengeKey2();
messageTag = message.getMessageTag();
incomingUrlObj.fetchURLInformation(incomingUrlObj, request);
// APPEND CHALLENGE KEYS IN THE EXISTING URL INFORMATION
StringBuilder sb = new StringBuilder();
sb.append(incomingUrlObj.getUrlText() + "/Message Tag :"+ messageTag);
sb.append("/Challenge Key 1 :"+ challengeKey1);
sb.append("/Challenge Key 2 :"+ challengeKey2);
// SET IN URL OBJECT
incomingUrlObj.setUrlText(sb.toString());
// SAVE THE REQUEST IN DATABASE
incomingUrlRepository.save(incomingUrlObj);
long incomingURLID = incomingUrlObj.getUrlId();
logger.info("INCOMING URL ID :"+ incomingURLID);
// VALIDATE THE CHALLENGE KEY
boolean isChallengeKey1_valid = validationObj.isChallengeKeyValid(challengeKey1);
boolean isChallengeKey2_valid = validationObj.isChallengeKeyValid(challengeKey2);
logger.info("IS CHALLENGE KEY 1 VALID :"+ isChallengeKey1_valid);
logger.info("IS CHALLENGE KEY 2 VALID :"+ isChallengeKey2_valid);
/*isChallengekey1 Valid = false -> Show error On Home Page
*isChallengeKey2 Valid = false -> Show error on Home Page
*If both challengeKey are Valid then Send it to SMS Service
**/
if(isChallengeKey1_valid == false || isChallengeKey2_valid == false)
{
// SET THE APPROPIATE MESSAGE TO BE SHOWN IN HOME PAGE
ModelAndView modelAndView = new ModelAndView("home");
modelAndView.addObject("errorMessage", "In-Valid Format For ChallengeKeys");
return modelAndView;
}
else
{
//SET THE CHALLENGE KEYS IN SESSION VALUES
String messageFromServer = null;
// SET VALUE IN SESSION
session.setAttribute("challengekey_1", challengeKey1);
session.setAttribute("challengekey_2", challengeKey2);
session.setAttribute("messageTag", messageTag);
// CREATE OBJECT OF SEND SERIVICE CLASS
try
{
// SET THE VALUES IN OUTGOING URL OBJECT
outgoingUrlObj.setMobileNumber(userObj.getUserMobileNumber());
outgoingUrlObj.setOutgoingUrlTime(Utility.getCurrentTime());
outgoingUrlObj.setOutgoingMessage(sb.toString());
outgoingUrlObj.setIncomingUrl(incomingUrlObj);
// CALL SEND CHALLENGE KEYS METHOD
outgoingUrlObj = sendServiceObj.sendChallengeKeys(outgoingUrlObj);
messageFromServer = outgoingUrlObj.getHttpResponseString();
logger.info("MESSAGE FROM SERVER :"+ messageFromServer);
//SAVE THE OUTGOING URL DETAILS IN DB
outgoingUrlRepository.save(outgoingUrlObj);
if(messageFromServer != null)
{
ModelAndView modelAndView = new ModelAndView("result");
modelAndView.addObject("messageFromServer", messageFromServer);
return modelAndView;
}
else
{
String messageToSendToClient = "UNABLE TO GET OTP";
ModelAndView modelAndView = new ModelAndView("result");
modelAndView.addObject("messageFromServer", messageToSendToClient);
return modelAndView;
}
}
catch (Exception e)
{
// TODO: handle exception
logger.error("ERROR "+ e.getMessage());
String messageToSend = "UN-HANDLED ERROR OCCURED";
ModelAndView modelAndView = new ModelAndView("result");
modelAndView.addObject("messageFromServer", messageToSend);
return modelAndView;
}
}
}
}
@RequestMapping(value = "logout", method = RequestMethod.GET)
public ModelAndView logout()
{
ModelAndView modelAndView = new ModelAndView("index");
modelAndView.addObject("messageFromServer", "");
try
{
if(session!=null)
{
session.invalidate();
modelAndView.addObject("messageFromServer", "");
}
}
catch (Exception e)
{
// TODO: handle exception
modelAndView.addObject("messageFromServer", "Failed To Clear Session! Please Login Again");
}
return modelAndView;
}
}
Когда пользователь A, вошедший в систему, сначала выполняет действия, связанные с OTP, и выходит из системы, а затем, когда пользователь B, вошедший в систему сразу после пользователя A, пытается это сделать.OTP-активность вызывает ошибку WhiteLabel.Я думаю, что не могу хорошо управлять сессией.Помогите мне в решении этой проблемы.