Suppose a user is logged in at a client, and if the same user id is used to login at other client, I want to log off the user who first logged in. It is something similar that happens in Yahoo Messenger.
I guess it can be done by using DB persistance to keep track of users logged in, but not quite sure how tthe client can get to know that, unless the page is refreshed in some way.
though i haven't solved such a problem but i guess if u maintain the user session in servlet context which is a unique place for a prticuler web application then u can easily track user, and do what u want. also u have to make changes in ur XML.
You can store all the user information in a MAP(name/value pairs) and create a session for the user. If the same username/password is entered from another machine first check it against the map and if the user is already logged-in then invalidate the existing session and redirect the first user to a SessionExpired page and dump all the existing session and other stuff in to the new user.
This topic has been dicussed a few times, at great length, here and in the JSP forum. In every case, I've maintained that there isn't a reliable way to do this in a webapp. I've yet to see an argument that will change my mind.
I'm not sure how easy it will be to find the threads but if you do you you'll find some pretty detailed discussions about the pitfalls and some of the recommended workarounds for them. If I get time, later today, I will see if I can dig up the threads and will post the links.
a) created a ServletContextListener class which is triggered when any attribute is modified b) each time a user logs in add the userId to an arraylist and add the arraylist as an attribute to the servletContext c) Now if already user "aaa" is logged in at a one client, so the array list contains "aaa". If other user "bbb" logs in it is also added to arraylist and servletcontext attribute is set again, and the class whih implements Servlet ContextListener is triggered, in which I check if there are any duplicates.
But now I am not sure how I should invalidate the session of the first user, i.e. how to call a method or a servlet or JSP which invalidates the first user and how to pass that session
do I have to map a session with userID and usea Map instead of ArrayList and use it to retrieve the required session
You mean solve the problem when container managed authentication used?
Tough in space?, <a href="http://tjws.sf.net" target="_blank" rel="nofollow">Get J2EE servlet container under 150Kbytes here</a><br />Love your iPod and want it anywhere?<a href="http://mediachest.sf.net" target="_blank" rel="nofollow">Check it here.</a><br /><a href="http://7bee.j2ee.us/book/Generics%20in%20JDK%201.5.html" target="_blank" rel="nofollow">Curious about generic in Java?</a><br /><a href="http://7bee.j2ee.us/bee/index-bee.html" target="_blank" rel="nofollow">Hate ant? Use bee.</a><br /><a href="http://7bee.j2ee.us/addressbook/" target="_blank" rel="nofollow">Need contacts anywhere?</a><br /><a href="http://searchdir.sourceforge.net/" target="_blank" rel="nofollow">How to promote your business with a search engine</a>