File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Session management  with username Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Session management  with username" Watch "Session management  with username" New topic

Session management with username

vidya sagar
Ranch Hand

Joined: Mar 02, 2005
Posts: 580
Hi all

I want to prevent a same username to be logged, more than once at any time.
(i.e) A same loginname should not be used by two different persons to login at same time

So i used SessionBinding listener, to track all users who logged in.When a person logged in ,session will get created,When a person logged out session will get invalidated

scenario :when a person's by name XXX who is logged in and browsing the site,At that time internet connection is gone and immediately reconnects,this time i cannot track the user XXX who lost the connection and cannot invalidated the session,

At this time, When XXX try to login, it gets the message "Already logged in",XXX will allowed to login only previous session gets timeouts.

so when the connection is lost and same user is logged in , i want to allow him to login.

Now i want to handle this situvation too.

Waiting for ur solutions and Thanks in advance
Anupam Sinha
Ranch Hand

Joined: Apr 13, 2003
Posts: 1090
Maybe cookies may help you. Save some info after authenticating a user in a cookie and you can delete the same at the logout time.
Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
Hi Vidya,

So i used SessionBinding listener, to track all users who logged in.

Could you elaborate more on the way you track users with HttpSessionBindingListener.
H Gokulam
Ranch Hand

Joined: Nov 04, 2003
Posts: 46

The question is simple. How do you identify these 2 case ?

1. Internet connection lost and the same user trying to login.
2. second person trying to login with same user id

Only the client browser can provide details like 'Internet connection failure' to the server. So 'Cookies' is one of the options (or only option).


Harikumar G<br />SCJP 1.4
Ben Souther

Joined: Dec 11, 2004
Posts: 13410

This topic comes up from time to time.
Search this and the JSP forum and you will find several threads that discuss in in length.

Rember HTTP is a stateless protocol.
JSP sessions help to mimick stateful behavior but there is really no such thing as 'being logged in'.

Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
I agree. Here's the link:
subject: Session management with username
It's not a secret anymore!