Win a copy of Java EE 8 High Performance this week in the Java/Jakarta EE forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Avoiding two sessions by a single user  RSS feed

Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello everybody.

My question concerns two sessions opened by the same user, at the same time.
Specifically what I wish to avoid is the user logging in a website with two browser pages.

Currently to avoid this problem, as soon as the user logs in and is authenticated, I place a variable using :

servletContext.setAttribute(userName, USER_SESSION + userName);

//USER_SESSION is a String declared final static.

The next time the same userName and password is used to log in, I try and retrieve the value stored under the userName key. If it exists, then the user is kicked out otherwise he/she is allowed to procede.

What I am wondering is if this an acceptable mechanism of making sure a user does not open two sessions? If not, could someone please suggest another method or point me to an article where I could read how it best to procede in such circumstances.

I appreciate any suggestions. Thank you.
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!