File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes How to impletmet the Single Sing on Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "How to impletmet the Single Sing on " Watch "How to impletmet the Single Sing on " New topic
Author

How to impletmet the Single Sing on

Santosh Maskar
Ranch Hand

Joined: Jul 02, 2003
Posts: 226
Hi
Scenario
USer will open the Browser , and log on to the site from Computer C1 using USername : ADMIN

if he will open the Another Instance of the Browser from the Computer C1 (Same node) and try to log on the system using ADMIN then it must throw the error,

now current system is accepting the multipale user logging on same user from Same Node

i want to restrict the user once he will log on to the system using user ADMIn then he will not able to log on to the system from same user on same node.


how i will implement using servlet..


if anybody knows , please give some guidelines
not excepting the code....

i already try using IP address but , this solution is not the BEST whrn user will try proxy server.
Paul Sturrock
Bartender

Joined: Apr 14, 2004
Posts: 10336


i already try using IP address but , this solution is not the BEST whrn user will try proxy server

...and of course the IP address will be the same no matter how many browsers are opened on the same node.

You need to audit the sessions that are open. There's a number of different ways of doing this: currently the app I'm working uses a DB table which contains open sessions. The table keeps a record of user ID and session ID. Every request, after container managed security has authenticated the user, checks if the authenticated user has a currently valid session (represented by an entry in the table). If they do and the sesison ID matches then the request is passed. If they do and the session ID doesn't match, then an exception is thrown and the user is logged out.


JavaRanch FAQ HowToAskQuestionsOnJavaRanch
Santosh Maskar
Ranch Hand

Joined: Jul 02, 2003
Posts: 226
Thanks Paul
i have a table StirCustomerMst, which is mainting the user id , and we have another table like custtxnlogin which is maintian the Session,

when user is loginged in then request will be come throug the security filet and checks the Authentication , if yes then i will update the custLoingTxn table with new session value ,


I got the Idea if u have time then please ellobrate the concept that you suggested.

Very very thanks you for this good suggestion
 
GeeCON Prague 2014
 
subject: How to impletmet the Single Sing on