AcsHttpSessionListener.java

package com.norteksoft.acs.web.listener;

import java.util.Date;
import java.util.List;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent;

import org.springframework.context.ApplicationContext;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.context.SecurityContextImpl;
import org.springframework.security.ui.session.HttpSessionEventPublisher;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.norteksoft.acs.entity.log.LoginLog;
import com.norteksoft.acs.entity.security.User;
import com.norteksoft.acs.service.log.LoginUserLogManager;
import com.norteksoft.acs.web.filter.ExceededOnlineUserFilter;
import com.norteksoft.product.util.ContextUtils;

/**
 * 监听session的创建及销毁
 * 
 * @author xiaoj
 */
public class AcsHttpSessionListener extends HttpSessionEventPublisher {
	//private static final Log loger = LogFactory.getLog(AcsHttpSessionListener.class);
	
	/**
	 * session创建时记录用户登陆日志
	 */
	@Override
	public void sessionCreated(HttpSessionEvent event) {  }

	/**
	 * session销毁时记录用户登出日志
	 */
	@Override
	public void sessionDestroyed(HttpSessionEvent event) {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		if(authentication != null && !"roleAnonymous".equals(authentication.getName())){
			Object manager = getBeanFromApplicationContext(event.getSession().getServletContext(), "loginUserLogManager");
			if(manager instanceof LoginUserLogManager){
				LoginUserLogManager logManager = (LoginUserLogManager) manager;
				//查询最新的登录日志，修改其登出时间
				Object userObj = authentication.getPrincipal();
		    	if(userObj instanceof User){
		    		User user = (User) userObj;
		    		//==============
		    		ExceededOnlineUserFilter.ConcurrencyStorage.remove(user.getCompanyId(), user.getUsername());
		    		//==============
		    		List<LoginLog> logs = logManager.getLoginLogs(user.getUserId());
					for(LoginLog log : logs){
						log.setExitTime(new Date());
						logManager.saveLoginUserLog(log);
					}
		    	}
			}
		}else {//if (event.getSession() instanceof SecurityContextImpl) {
			recordLogout(event.getSession());
		}
		super.sessionDestroyed(event);
	}
	
	public static void recordLogout(HttpSession session){
		if(session == null) return;
		SecurityContextImpl context = (SecurityContextImpl)session.getAttribute("SPRING_SECURITY_CONTEXT");
		if(context != null){
			User user = (User)context.getAuthentication().getPrincipal();
			//==============
    		ExceededOnlineUserFilter.ConcurrencyStorage.remove(user.getCompanyId(), user.getUsername());
    		//==============
			LoginUserLogManager logManager = (LoginUserLogManager)ContextUtils.getBean("loginUserLogManager");
			List<LoginLog> logs = logManager.getLoginLogs(user.getUserId());
			for(LoginLog log : logs){
				log.setExitTime(new Date());
				logManager.saveLoginUserLog(log);
			}
		}
	}
	
    private Object getBeanFromApplicationContext(ServletContext servletContext, String beanName) {
    	ApplicationContext applicationContext = WebApplicationContextUtils.getWebApplicationContext(servletContext);
    	Object object = applicationContext.getBean(beanName);
    	if(object!= null){
    		return object;
    	}
        return null;
    }
    
}