Hi all, How can I find out if a session has terminated, ended or expired? Basically in my application i need to restrict user login to just one for a particular userid, has any one implemented such functionality then please help me... any help would be appriciated....
"javalonghorns", you have previously been warned on one or more occasions regarding adjusting your display name to meet JavaRanch standards. This is not optional. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it prior to your next post.
Your display name must be a first and a last name separated by a space character, and must not be obviously fictitious. Initials for a last name are not acceptable.
Be aware that accounts with invalid display names are removed.
Thanks for the head start, now useing the HttpSessionListner interface i can count the number of active session on server. But going by the business requirements how can i prevent the multiple logins from the same userid at the same time. Can i maintain a list that contains the user id and session id ? But not sure what would be the scope of this list and would it be accessible to any session and also what is the system impact of it?
Please help me looking forward to suggestions and tips.
Suggestion: grab a copy of the Servlet Specification (you shouldn't even be thinking about writing web apps without it) and read it cover to cover. It isn't that long, but it will give you a good overview of the various mechanisms that are available to you.
Joined: Jul 19, 2006
I explored the "servletContext" to implement this and it would be really good in case of one server or JVM but it would not work in the Clustered environment where we have different(/multiple) JVMs. So that leads to me to think in terms of using database to store the session id and username. Is there any other way i can implement it that would work in a clustered environment?
We have the same requirement and we just quietly ignored it and nobody complained much.
To share session knowledge across a cluster you'll have to move it out of the JVM to a shared resource or find a way to synchronize the memory in all your servers. The former sounds like "database" to me, and the latter is "distributed cache". Google for "java distributed cache" and find several choices. Such a thing was under consideration for inclusion in the Java standards, but I don't think it has moved along the process in recent years.
A good question is never answered. It is not a bolt to be tightened into place but a seed to be planted and to bear more seed toward the hope of greening the landscape of the idea. John Ciardi
[Stan James]We have the same requirement and we just quietly ignored it and nobody complained much. It's funny how well that technique works. It's also sad that it needs to be employed as often as it does.
[Romi Dave]how can i prevent the multiple logins from the same userid at the same time. This question gets asked quite often here. Search this and the JSP forums, there are quite a few long discussions on the subject.
I'll summarize the discussion for you because I can't find the right keywords to bring one of those threads up:
The original poster (OP) asks how to do this.
I tell the OP that this can not be done, reliably.
I then remind the OP that HTTP is a stateless environment and that the server never really knows when a user has closed his browser.
Several people come along claiming to have done this.
Someone else asks "what about this situation?" or "what about that situation?".
They answer that it wouldn't really work under those conditions.
I, unable to think of a nice way to say "I told you so", watch the thread sink into the abyss.
Several of those threads went on for a really long time. Next time I find one of them, I'll create a FAQ with links to them. [ July 29, 2006: Message edited by: Ben Souther ]