This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Avoid login page for already logged in user

 
Jaikiran Pai
Marshal
Pie
Posts: 10444
227
IntelliJ IDE Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not very sure whether this is the correct forum to post this question. In case someone feels there is some other appropriate forum for this, please move it there.

Here's what we are trying to achieve:

- We have a J2EE application deployed on Websphere(this question is not specific to Websphere, though).
- The user is provided with a login page where he can enter his username/password and access the application.

Our requirement is if a user "xyz" logs in from one browser on a machine and then later on from some other browser(but the same machine), tries to access the application, he should NOT be shown the login page. He should be allowed to access the page directly. Briefly, if a user is already logged in from a different instance of browser, he should NOT be shown the login screen again, until he logs out.

1) Is this similar to Single SignOn(or is this completely different from Single SignOn)?
2) If yes, are there any Open Source libraries which we can use in our application to achieve this?

If not, what are the alterantives able for implementing this requirement?

Any suggestions are appreciated.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If the person is using another browser instance, then you will not be able to rely on JSP sessions for this.
You would need to implement some sort of persistant cookie (like Javaranch does).
 
Jaikiran Pai
Marshal
Pie
Posts: 10444
227
IntelliJ IDE Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ben Souther for answering that.

So this is no where related to Single SignOn, right?(just wanted to make sure).

Also, this appears to be application specific issue and should be handled by application specific logic, right?

Thanks for pointing to cookies. If we need to write some application specific logic of handling this, would maintaing the logged in user names in a database be a better option(in case cookies are disabled)?
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Single sign on allows you to (from one browser session) access multiple webapps running under the same container without having to log into each of them separately.

In this case you want to be able to leave and come back with a different browser instance. They're not the same.
 
Jaikiran Pai
Marshal
Pie
Posts: 10444
227
IntelliJ IDE Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks a lot for the help, Ben Souther. Those answers helped.
 
Joshua Cloch
Ranch Hand
Posts: 95
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In my opinion, there are two possibilities.

1, If you use different browsers,such as IE and Firefox, the goal could hardly be achieved without using permanent data storage.

2, If you use one browser, what you need to do is to check if the user in session scope exists.
 
Jaikiran Pai
Marshal
Pie
Posts: 10444
227
IntelliJ IDE Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you use one browser, what you need to do is to check if the user in session scope exists.


This cant be done since even if i am using a single browser(IE), i might open multiple *instances* of the browser. In such a case a new session will be created for the second browser instance.

As Ben Souther mentioned, cookies seem to be the answer for this requirement. And if cookies are disabled, may be rely on database.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic