aspose file tools*
The moose likes JSP and the fly likes Single Login Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Single Login" Watch "Single Login" New topic
Author

Single Login

Harry Pattern
Greenhorn

Joined: Nov 27, 2002
Posts: 23
hi,
Kindly advice some technique or procedure on this matter. Im currently working on a web program using jsp . The web application requires user's login and information being taken are the usual username and password. I need to ensure that the user can only only login once in any terminal. For example I login on terminal A as SUPERMAN and login again on terminal B as SUPERMAN . The program should be able to detect if superman has already logon if it is then superman will not permited to login again.
Kindly advice me on this matter. Your help will be highly apreciated.
thanks
Harry
Jeroen Wenting
Ranch Hand

Joined: Oct 12, 2000
Posts: 5093
What resources will you have at your disposal?
How critical is it?
Does it matter if they cannot log on at all when failing to log out properly without having their accounts reset?
etc. etc. etc.
There's many possible solutions, most resolving around keeping track of who's logged in from where in some way.


42
Varun Khanna
Ranch Hand

Joined: May 30, 2002
Posts: 1400
Originally posted by Harry Pattern:
hi,
Kindly advice some technique or procedure on this matter. Im currently working on a web program using jsp . The web application requires user's login and information being taken are the usual username and password. I need to ensure that the user can only only login once in any terminal. For example I login on terminal A as SUPERMAN and login again on terminal B as SUPERMAN . The program should be able to detect if superman has already logon if it is then superman will not permited to login again.
Kindly advice me on this matter. Your help will be highly apreciated.
thanks
Harry

You may use ServletContext to store the login id (or some unique identifier), once user is in and remove it on log out.
Before login any user always check if his login id is present in servlet context. If it is, then don't allow user else allow him.
This may not work in case your application is distributed in multiple jvm's.


- Varun
somkiat puisungnoen
Ranch Hand

Joined: Jul 04, 2003
Posts: 1312
if you want to create single signon system, i think, u must be use as same as Directory Service and access with JNDI API.


SCJA,SCJP,SCWCD,SCBCD,SCEA I
Java Developer, Thailand
Harry Pattern
Greenhorn

Joined: Nov 27, 2002
Posts: 23
Originally posted by Harry Pattern:
hi,
Kindly advice some technique or procedure on this matter. Im currently working on a web program using jsp . The web application requires user's login and information being taken are the usual username and password. I need to ensure that the user can only only login once in any terminal. For example I login on terminal A as SUPERMAN and login again on terminal B as SUPERMAN . The program should be able to detect if superman has already logon if it is then superman will not permited to login again.
Kindly advice me on this matter. Your help will be highly apreciated.
thanks
Harry
Harry Pattern
Greenhorn

Joined: Nov 27, 2002
Posts: 23
Im using tomcat 4.1 webserver and programs written in jsp. Is there a way where I can create an object on the server side . And the object should be running as long as the tomcat 4.1 webserver is running.
Thanks
harry
Winston Smith
Ranch Hand

Joined: Jun 06, 2003
Posts: 136
You can use a JavaBean with application scope, so it will persist as long as the server is running.

Or, if you're using a database system which maintains user accounts, you can always have a flag to monitor if the user is logged in.
WS


for (int i = today; i < endOfTime; i++) { code(); }
Harry Pattern
Greenhorn

Joined: Nov 27, 2002
Posts: 23
The idea of persisting while the server is running is a great idea. But can you guys give me a code snippet on how to do this .
Thanks
Winston Smith
Ranch Hand

Joined: Jun 06, 2003
Posts: 136
The code to make a JavaBean persist while the server is running is in my previous post. You basically declare a bean and set its scope to "application". You may also set the scope to "session", in which case the bean will persist throughout a client's session only.
Gowrishankar Mudaliar
Ranch Hand

Joined: Oct 20, 2001
Posts: 39
Though using a bean in the application context is the way to go, there are some obstacles to manage seamless session management.
If SUPERMAN logs in from MACHINE A, and abruptly closes the browser. Still, he is logically accessing the system.So, till the session times-out, he cannot access the system again.
Alternatively, you can try to invalidate the older session, if a new login happens with an existing user-id.
Hope this helps
Gowri shankar
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61606
    
  67

"vgowri",
We're pleased to have you here with us in the JSP forum, but there are a few rules that need to be followed, and one is that proper names are required. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.
In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious.
Thanks!
bear
Forum Bartender


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Single Login