This week's book giveaways are in the Scala and Android forums.
We're giving away four copies each of Machine Learning Systems: Designs that scale and Xamarin in Action: Creating native cross-platform mobile apps and have the authors on-line!
See this thread and this one for details.
Win a copy of Machine Learning Systems: Designs that scale this week in the Scala forum
or Xamarin in Action: Creating native cross-platform mobile apps in the Android forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

How to ristrict multiple login's at the same time using same username?  RSS feed

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
All,

I have to prevent multiple user logins to my web application developed in JSP,Servlet

I used following tricks

I have maintain Table for user and password .that table to add one more column loginstatus . whenever he/she login change flag yes .when logout change flag no. when the user going to login know that time just check the status .if flag no(N) then allow user otherwise do not allow .

The solution above seems to be work, but some cases the logged user does not click on logout button! So, the session in this case will be expired, and if the user will try logon again will receive error. How can I handle this case?

 
Author and ninkuma
Marshal
Posts: 66685
167
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Record the user as logged out when the session expires using a session listener.
 
sumit jagtap
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
can you please explain in details or example?
 
Rancher
Posts: 2762
32
Eclipse IDE Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Look at the java docs for HTTPSessionListener

you should change the status of the user when the session is destroyed. Note that if the user doesn't logout, the session will be destroyed only after the web server times the session out. So, there will be a period of time where the user's account will be locked
 
If you are using a rototiller, you are doing it wrong. Even on this tiny ad:
Rocket Oven Kickstarter - from the trailboss
https://coderanch.com/t/695773/Rocket-Oven-Kickstarter-trailboss
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!