I have to prevent multiple user logins to my web application developed in Struts running in tomcat.
This is the situation: User A logs in application and proceeds to application page. Now if User A opens another IE window and tries to login, he shouldnt be allowed to login again. How can I achieve this ?
I tried using istokenvalid,savetoken etc. But this approach doesnt work if the user opens a new IE from task bar and also refresh also fails here[I understand its meant to hide refresh capability]. How else can i achieve this ?
Atul, Did you search javaranch for this question? It's been asked before. In short you don't have easy way. You either to have use some sort of persistence to store the active sessions and search them before creating a new session or you can use JMX to query the active sessions (which will be costly when compared to persistence technique). If you search further you will find more details. Struts as far as I know doesn't provide this logic. This is more of JSP question. [ March 26, 2007: Message edited by: Purushothaman Thambu ]
Basically I have different scenarios: 1, User logegd in and opens a new window from "windows task bar", thereby opening a new sessionid. I tried the approach of using Maps here. it works. Is that the preferred approach here or using HttpSessionListener is the preferred approach ?
I need some more links with using httpsessionlistener, my serach didnt give me much
How about cntrl+n or file-new-open window. I have login.jsp which takes users to second page-results.jsp, In this page "refresh" should be available, but cntrl+n shouldnt be ? Can we handle it ?
I read a post of using timestamps with cntrl+n but that can catch "Refresh" button also. So please suggest some help