当它是基于系统的用户时，则不能使用Sessions.

选项1:
维护应用程序对象.无论登录者是谁，都应添加该用户名，并在登录/浏览器关闭时将其删除.
每当用户登录时，就循环遍历Application对象中的值.如果找到表明他已经登录的值，则可以为用户提供一种机制，使其先注销然后再在该系统上重新登录.

选项2:
维护IP&数据库中的userId.登录到系统之前，请验证它是否已经存在.如果没有，请允许登录.

When it is user based across systems then it cannot be using Sessions.

Option 1:
Maintain the Application object. Whoever login''s should be added to it and removed on logut/browser close.
Whenever user logins, loop through the values in Application object. If you find the value that means he is already in. You can provide a mechanism to user to logout first and then re-login on that system.

Option 2:
Maintain the IP & userId in your database. Before logging into the system verify if it already exists. If not, allow login.