• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to ristrict multiple login's at the same time using same username?

 
sumit jagtap
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All,

I have to prevent multiple user logins to my web application developed in JSP,Servlet

I used following tricks

I have maintain Table for user and password .that table to add one more column loginstatus . whenever he/she login change flag yes .when logout change flag no. when the user going to login know that time just check the status .if flag no(N) then allow user otherwise do not allow .

The solution above seems to be work, but some cases the logged user does not click on logout button! So, the session in this case will be expired, and if the user will try logon again will receive error. How can I handle this case?

 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65216
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Record the user as logged out when the session expires using a session listener.
 
sumit jagtap
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
can you please explain in details or example?
 
Jayesh A Lalwani
Rancher
Posts: 2756
32
Eclipse IDE Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Look at the java docs for HTTPSessionListener

You should change the status of the user when the session is destroyed. Note that if the user doesn't logout, the session will be destroyed only after the web server times the session out. So, there will be a period of time where the user's account will be locked
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic