Win a copy of The Way of the Web Tester: A Beginner's Guide to Automating Tests this week in the Testing forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Avoiding two sessions by a single user

Nicolaos Kormara
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello everybody.

My question concerns two sessions opened by the same user, at the same time.
Specifically what I wish to avoid is the user logging in a website with two browser pages.

Currently to avoid this problem, as soon as the user logs in and is authenticated, I place a variable using :

servletContext.setAttribute(userName, USER_SESSION + userName);

//USER_SESSION is a String declared final static.

The next time the same userName and password is used to log in, I try and retrieve the value stored under the userName key. If it exists, then the user is kicked out otherwise he/she is allowed to procede.

What I am wondering is if this an acceptable mechanism of making sure a user does not open two sessions? If not, could someone please suggest another method or point me to an article where I could read how it best to procede in such circumstances.

I appreciate any suggestions. Thank you.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic