Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Unique Session handling

 
rudresh kumar
Ranch Hand
Posts: 83
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HI All,

I have requirement, where unique session handling is to be done,

i,e if a user 'X' is logged in to my application, he should not be allowed to login anywhere again (even in the same machine) until he closes the existing session.

I would like to have you help on how to proceed with the same.

Thanks in advance
Vaishnav
 
Merrill Higginson
Ranch Hand
Posts: 4864
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here's one possible solution:
  • When the user logs on, put the user ID in a list of current users kept in Application scope (The ServletContext object)
  • Keep the current User Id as an attribute of the HTTPSession object
  • Implement an HTTPSession listener with a sessionDestroyed() method that removes the user ID from the list
  • When a user tries to log on, check to see if the user Id is in the list of current users. If it is, don't let them log on.
  • There is still at least one problem you will have to decide how to handle:

    If a user loses the connection or closes the browser accidentally, the user ID is still going to be in the list until the session times out. This could be frustrating for a user to have to wait. You may want to put up a dialog saying something like "It appears you have another session open. Only one is allowed at a time. Do you want to release the old session and start a new one now?" This at least gives someone the ability to still log on in this situation.
     
    Raghavan Muthu
    Ranch Hand
    Posts: 3381
    Mac MySQL Database Tomcat Server
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    That seems to be the good solutios Merill.

    The last option would be more useful i guess if in case such scenario occurs.
     
    • Post Reply
    • Bookmark Topic Watch Topic
    • New Topic