• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Duplicate Login

 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Actually, it is the login page, with login id and password.
The user with valid login id and password can login.. So anyone got the login id and password can use the service. We wanna to control only one use are using the service. so we wanna to inactivate the first login so that the second user with valid login can continue. Thank for your suggestion. But I am still have difficult in using the sessionId to retrieve the actual object and inactive the old session
The session ID is getting from the first login
HttpSession session = request.getSession(true);
sessionID = session.getId();
and this sessionID is put into DB, when the second user login, it will check if this user Id has login not logout. and actually, we retrieve the sessionID from DB and wanna to use it for INactivate the old session.
However, I still not figure out how to do it..
Thanks for your kind help and many thanks
Regards,


I authenticate user by login id and password..Thanks
Dear guys,
if there is duplicate login, I wanna to logout the previous login.
I have the previous session ID, I wanna to know if it is possible to remove th previous session using this session id .so the the previous login will be invalidated.

Regards,

[ March 09, 2005: Message edited by: grace chow ]

[ March 11, 2005: Message edited by: grace chow ]
[ March 11, 2005: Message edited by: grace chow ]
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How are you authenticating users?
 
Ranch Hand
Posts: 33
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by grace chow:

if there is duplicate login, I wanna to logout the previous login.
I have the previous session ID, I wanna to know if it is possible to remove th previous session using this session id .so the the previous login will be invalidated.



There is an invalidate() method in the javax.servlet.http.HttpSession object. That would probably do it. Although, if you only have the session id and not the actual object, I'm not sure if you could get the HttpSession object. You could also use setMaxInactiveInterval() when you first create the sessions to something rather brief so that the old session (presumably inactive) would expire on its own. That could cause be a problem if your users will spend a lot of time being inactive -- their sessions will keep expiring.

How is it your users would be logging in twice?
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic