• Post Reply Bookmark Topic Watch Topic
  • New Topic

Disabling a previous session in a web app  RSS feed

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am pretty new to this site. I am trying to create a solution for prevent a user from logging into multiple systems at the same time. The previous session has to be invalidated. Please let me know how to do this. I know that with invalidate()method of sessio, we can invalidate only the current instance.
FYI- i am planning to store the session ids in a table.
Is there any way where I can invalidate a session using its session iD?

Thanks in advance for your time and help!
 
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Is there any way where I can invalidate a session using its session iD?


No way you can invalidate the session if you are having the session id.
Since the api to get the session using session id is deprecated.

Previous session will be invalidated only after the session timeout triggers.
Besides you can keep a flag in database identifying the user of his previous existence
and not allowing the same user to enter the system if the flag is set.

If the timeout or user selects logout reset the flag in the database.

 
RaajaRaaja Chozhan
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mohamed Inayath wrote:

Is there any way where I can invalidate a session using its session iD?


No way you can invalidate the session if you are having the session id.
Since the api to get the session using session id is deprecated.

Previous session will be invalidated only after the session timeout triggers.
Besides you can keep a flag in database identifying the user of his previous existence
and not allowing the same user to enter the system if the flag is set.

If the timeout or user selects logout reset the flag in the database.



Hi Mohd, Thanks for your suggestion of not using sessionID. But my requirements are only to disable the previous session. If not by sessionID, let me know other ways of doing it.
 
Mohamed Inayath
Ranch Hand
Posts: 124
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

But my requirements are only to disable the previous session.


Disabling the previous session...! What do you mean by this.

You want the make the user to have a single session right?

Then not allow him to relogin or recreate new session by keeping a flag in a common database.
 
RaajaRaaja Chozhan
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Mohamed Inayath wrote:

But my requirements are only to disable the previous session.


Disabling the previous session...! What do you mean by this.

You want the make the user to have a single session right?

Then not allow him to relogin or recreate new session by keeping a flag in a common database.


The req goes like this:
1) A user cannot login in more than 1 PC simultaneously.
2) If he does so, then log him in the 2nd PC and disable his session in PC#1.

This is what I am trying to achieve.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!