• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

how we can do that when one user is log successfully

 
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Dear all

first i want to elaborate the scenario
it is like that when one user for example user A HAS USERNAME:ANURAG & PASSWORD: UITK

HE IS ALREADY LOGIN SUCCESSFULLY IN APPLICATION HE SURFING THE WEBSITE.

THEN if another person B TRYING TO LOGIN INTO THE APPLICATION BY THE USE OF THE PERSON A USERNAME AND PASSWORD

then during this i want that person B GET A MESSAGE LIKE THIS "U ARE ALREADY LOGIN " .

MEANS HOW WE ENSURE THAT SEESION MANAGEMENT VERIFY THE UNIQUE USER_ID MEANS NO OTHER CAN BE LOG ON WHEN THAT USERID IS ALREADY LOG IN.

THANKS
 
Sheriff
Posts: 67753
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can;t do that just with the session because each client will gets unique session and they cannot be cross-checked. You'll either need to keep information in the application context to check against, or perhaps even in the DB.
 
shyam ji gautam
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bear Bibeault wrote:You can;t do that just with the session because each client will gets unique session and they cannot be cross-checked.

You'll either need to keep information in the application context to check against, or perhaps even in the DB.




sorry for uppercase letter writing my humble for elaborate the concept behind your idea . means let us suppose we has a table current_user

which has field user_id , application_id , session _id ,

and the sessionid is generated from container when user A is login for their user_id and this information is save in this table like this
test , school, jsesso12345 ,

m eans when user is login then we can check it for user_id exist or not in that table but my doubt is that when the second time user is login then this user_id is already exist for same user so how can he will be able to login for the second time .

please suggest me

thanks and sorry for uppercase
 
Ranch Hand
Posts: 81
IBM DB2 Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bear Bibeault wrote:You can;t do that just with the session because each client will gets unique session and they cannot be cross-checked. You'll either need to keep information in the application context to check against, or perhaps even in the DB.



true, another issue is the session-timeout.
You cannot track exactly when a user leaves the app, to allow another one!
(Unless they invoke a "logout"-function, and still...)
 
shyam ji gautam
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

olivier dutranoit wrote:

Bear Bibeault wrote:You can;t do that just with the session because each client will gets unique session and they cannot be cross-checked. You'll either need to keep information in the application context to check against, or perhaps even in the DB.



true, another issue is the session-timeout.
You cannot track exactly when a user leaves the app, to allow another one!
(Unless they invoke a "logout"-function, and still...)




so what will be the solution for this according to your idea my humble request is that please elaborate me the solution with your view.
means what things i will be follow to fulfil this requirement.

thanks
 
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I just want to a add a bit to other posting get as replied for this.
You can use boolean field called loged_in where you will store the validated value of a user true or false according.
So whenever a request come for login check that one first then if already login you can redirect him/her to welcome page.
When logout you can make this filed to false.
 
Ranch Hand
Posts: 171
Spring Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
As Bear Bibeault said, you can have the user_name in the web application context when the session created successfully for that user. So you can cross-check the logged users and say already your session exists if an entry exists.
First it will create the following problems,
1. Performance problem due to cross-checks for logged users.
2. If the user has given wrong password with user name and not deleted the entry from session, then he won't able to login again before web application/session timeout ends. (To avoid this you could have listeners to end up session entry)
But if you wanna to restrict the users then you have to go implement any of these with greater flexibility with high performance. Hope this helps.
 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I guess we can use HttpSessionListener. When User logs in we can make entry in DB. This can be used to check whether the user is already logged in. In HttpSessionListener.sessionDestroyed() method you can delete entry from Table. Correct me if i am Wrong
 
Bear Bibeault
Sheriff
Posts: 67753
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Bad idea. You should not tie user login to session creation and removal. You have little control over that.

Rather. use scoped variables placed into the session to indicate whether a user is authenticated or not.
 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
And what if we use load balance with two of more app servers synchronized? using session variables can work weird, maybe one server removes the variables but the other one may not.
 
And inside of my fortune cookie was this tiny ad:
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic