posted 21 years ago
Hi All,
Objective: To achieve only one user to logon only once on the same machine or different machine.
When the same user logs in on another machine or broswer instance, it should throw a msg
"User logged in already" and should not able to go further. When the user logs off
the lock should be released and browser close should be treated as Logout (at this
point also, the lock should be released)
THe Administrator should have one option to release the locked users.
Software: IBM WAS 4.0, database is Oracle
Problem:
Suppose the user logs in to the web application. After proper authentication,
a flag is updated in a table with his user id. so when the same user is loggin in
from different browser, it checks for the entry first and then throws error msg without loggin in.
There should be one option for Admin to release the lock. Suppose the network goes down, the
user lock wont be released since he didnt logged off properly.
The admin has option to see list of users whose status='Y' from a table. Then Admin selects
one or more users and update the status as 'N', so that next time those users can log in.
Now problem is, a user logs in and his status is set to 'Y'. Now he calls up Admin to release
his user lock. the admin releases the lock (which updates the flag only). The same user will be
able to log on from different machine or browser instance now. We need to stop that.
So when the admin releases the lock, the other session if any should be invalidated, so that
he gets the login screen.
Question: When the user logs in his Session id is written to the table. With the help of that session id,
how can we get the Session object to invalidate that particular session. The admin should
able to get the session object of some person by giving that session id, and invalidate.
I have described in detail. I hope to get some positive reply to this. This is very urgent.
Plese help me and thanks in advance.
Rgds,
Prasad