Win a copy of The Java Performance Companion this week in the Performance forum!
    Bookmark Topic Watch Topic
  • New Topic

need to manage sigle session for same user in differnt browser

 
Ramesh Kumar
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Report post to moderator
Hi All
i got the requirement like when the same user hits the URL and login from different browser , need to kill the previously opened one .
(ex) if i LogIn in IE , it will create one session . if i again login in another browser like firefox with same username/password, it will create another one ,
so now i want to kill the previously opened (IE's ) session .is it possible ??

Ramesh
 
Abhay Agarwal
Ranch Hand
Posts: 1376
Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Report post to moderator
Approach can be --

When the user logs in first, generate a some random sequence number for him, store it in his session, and in the database's table.
The database only stores one random sequence number for the user.
Whenever the user logs in again from different browser, check if request is from different browser and check whether random sequence number in the session matches with the one in the database.
If it matches then no action need to be performed.
If it does not matches, it is not from same browser (mean user has logged in again). destroy previous session and now create a new random sequence number for him, store it in his session, and upate random number in the database's table (replacing old random number)


code to find browser name from request



hope this explanation will be helpful to you

~ abhay
 
Prasad Krishnegowda
Ranch Hand
Posts: 670
4
Eclipse IDE Java Spring
  • Mark post as helpful
  • send pies
  • Report post to moderator
How are you authenticating your users now? Are you using any framework?
 
Arun Chidam
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Report post to moderator
Abhay Agarwal wrote:Approach can be --

When the user logs in first, generate a some random sequence number for him, store it in his session, and in the database's table.
The database only stores one random sequence number for the user.
Whenever the user logs in again from different browser, check if request is from different browser and check whether random sequence number in the session matches with the one in the database.
If it matches then no action need to be performed.
If it does not matches, it is not from same browser (mean user has logged in again). destroy previous session and now create a new random sequence number for him, store it in his session, and upate random number in the database's table (replacing old random number)


code to find browser name from request



hope this explanation will be helpful to you

~ abhay


Hi abhey,

How does your approach differentiates the sessions if the request is from same browser...i mean when they try to log in from same browser??...does it close the existing session and re-open new one???

Hi Ramesh,
When you say to terminate the old sesion, what about the data in the current state, say if he is in middle of adding items to his shopping cart as per your request, it will not only terminate the old session but also removes any progress made by the user using that session....
My suggesstion will be to setup a flag(with current browser name) in a database as soon the user logged in, if the user tries to login again with same browser then he should be re-directed to the old session, if it is from different browser then, either request the user to close the existing session and login or create a new session and copy the records from the old session (if there are any temporary state associated with the old session) and then invalidate the old sesion.

 
    Bookmark Topic Watch Topic
  • New Topic