Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

multiple users same username  RSS feed

 
Hans Gill
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi everyone I have a question with a way my users are logging into my system. Some of them seem to be sharing usernames and I am looking for a opensource tool or some advice on best implementations to avoid this.

The several ideas all which have some pros/cons are

checking session id
adding the login to db and then checking if that user is logged in

has anyone ever run across this and figure out a solution that works MOST OF THE THE TIME?

thank you for all your help
 
Sunil Vasudevan
Ranch Hand
Posts: 107
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There can be many solutions to it...

One right off my head is as follows:
1. You would be maintaining a session for each user logged in.
2. Use an HttpSessionListener to keep a track of each session being created/destroyed.
3. Maintain an ArrayList with login names of logged in users and store at application scope.
4. In sessionCreated() of HttpSessionListener, check if the user already exists. If yes, it means it is a second login with the same user ID, have your business logic to handle this case. Else add a user in the list and proceed as normal flow.
5. In sessionDestroyed(), remove the user from the List.

Of course there are things you need to consider:
1. Is the application on distributed system.
2. Have a session timeout configured to a short value. Cause if the user closes the browser without a logout, the session will not be destroyed right away. This will not allow the user to login again. (You can trap the browser close event in javascript though and display appropriate message).
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!