This week's book giveaways are in the Angular and TypeScript and Web Services forums.
We're giving away four copies each of Programming with Types and The Design of Web APIs and have the authors on-line!
See this thread and this one for details.
Win a copy of Programming with Types this week in the Angular and TypeScript forum
or The Design of Web APIs in the Web Services forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Knute Snortum
  • Henry Wong
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Frits Walraven
  • Joe Ess
  • salvin francis

How to get session object by giving Session Id to kill another session in Websphere

 
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
Objective: To achieve only one user to logon only once on the same machine or different machine.
When the same user logs in on another machine or broswer instance, it should throw a msg
"User logged in already" and should not able to go further. When the user logs off
the lock should be released and browser close should be treated as Logout (at this
point also, the lock should be released)
THe Administrator should have one option to release the locked users.
Software: IBM WAS 4.0, database is Oracle
Problem:
Suppose the user logs in to the web application. After proper authentication,
a flag is updated in a table with his user id. so when the same user is loggin in
from different browser, it checks for the entry first and then throws error msg without loggin in.

There should be one option for Admin to release the lock. Suppose the network goes down, the
user lock wont be released since he didnt logged off properly.
The admin has option to see list of users whose status='Y' from a table. Then Admin selects
one or more users and update the status as 'N', so that next time those users can log in.

Now problem is, a user logs in and his status is set to 'Y'. Now he calls up Admin to release
his user lock. the admin releases the lock (which updates the flag only). The same user will be
able to log on from different machine or browser instance now. We need to stop that.
So when the admin releases the lock, the other session if any should be invalidated, so that
he gets the login screen.

Question: When the user logs in his Session id is written to the table. With the help of that session id,
how can we get the Session object to invalidate that particular session. The admin should
able to get the session object of some person by giving that session id, and invalidate.

I have described in detail. I hope to get some positive reply to this. This is very urgent.
Plese help me and thanks in advance.

Rgds,
Prasad
 
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When the session expires or web app goes donwn, use two listeners to update the db's status.
Run a scheduled job to clean up that table if necessary (check last-update timestamp).
And i dont think u should ever let the admin guy to directly manipulate the data like that. Rather wait for the session to be expired like 15 minutes so that the user can login then.
 
Ranch Hand
Posts: 925
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Whenever I have implemented;
one user = one session
It's always been FIFO (first person who logs in gets kicked out by the second user).
I think your requirements imply using a very short session lifetime (after 5 minutes of inactivity user gets kicked off), otherwise your admin is going to be very busy.
Who came up with these requirements??
 
Did you just should on me? You should read this tiny ad:
Sauce Labs - World's Largest Continuous Testing Cloud for Websites and Mobile Apps
https://coderanch.com/t/722574/Sauce-Labs-World-Largest-Continuous
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!