Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Session management with username

 
vidya sagar
Ranch Hand
Posts: 580
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all

I want to prevent a same username to be logged, more than once at any time.
(i.e) A same loginname should not be used by two different persons to login at same time

So i used SessionBinding listener, to track all users who logged in.When a person logged in ,session will get created,When a person logged out session will get invalidated

scenario :when a person's by name XXX who is logged in and browsing the site,At that time internet connection is gone and immediately reconnects,this time i cannot track the user XXX who lost the connection and cannot invalidated the session,

At this time, When XXX try to login, it gets the message "Already logged in",XXX will allowed to login only previous session gets timeouts.

so when the connection is lost and same user is logged in , i want to allow him to login.

Now i want to handle this situvation too.

Waiting for ur solutions and Thanks in advance
 
Anupam Sinha
Ranch Hand
Posts: 1090
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Maybe cookies may help you. Save some info after authenticating a user in a cookie and you can delete the same at the logout time.
 
Alec Lee
Ranch Hand
Posts: 569
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Vidya,

So i used SessionBinding listener, to track all users who logged in.

Could you elaborate more on the way you track users with HttpSessionBindingListener.
 
H Gokulam
Ranch Hand
Posts: 46
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

The question is simple. How do you identify these 2 case ?

1. Internet connection lost and the same user trying to login.
2. second person trying to login with same user id

Only the client browser can provide details like 'Internet connection failure' to the server. So 'Cookies' is one of the options (or only option).

Regards,
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This topic comes up from time to time.
Search this and the JSP forum and you will find several threads that discuss in in length.

Rember HTTP is a stateless protocol.
JSP sessions help to mimick stateful behavior but there is really no such thing as 'being logged in'.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic