File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes Limit access to web application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Limit access to web application" Watch "Limit access to web application" New topic
Author

Limit access to web application

anish jain
Ranch Hand

Joined: Feb 03, 2010
Posts: 129
I want to restrict the number of users,say to 10, accessing my web application.

How can I achieve this? My web application is using jsp and servlets.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60059
    
  65

Not enough info. How do you identify a "user"?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
anish jain
Ranch Hand

Joined: Feb 03, 2010
Posts: 129
user means anyone who login to the application. We have a login page at first where one needs to enter username and password.
I just want to restrict the no. of users i.e. the one who provides username and password in order to access the application.

Is that enough?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60059
    
  65

How do you account for log outs? In other words, how do you know how many users are "using" the app?

If you can accurately account for "logged in" users (remember, not everyone will log out), you can just keep track of concurrent users in application context.
Shyam Ramath
Greenhorn

Joined: Jun 24, 2005
Posts: 21
Create a connection pool using a object and restrict the user accordingly . Once the user logs out free the object to the pool .
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60059
    
  65

What on Earth do connections have to do with tracking logins?
Abhay Agarwal
Ranch Hand

Joined: Feb 29, 2008
Posts: 1000
    
    1

@anish -
one simple way -- define an application level variable say - loggedInUserCount (of data type - int/Integer).
Increment this counter( loggedInUserCount ) when new user logs in.
Decrement this counter( loggedInUserCount ) when a user logs out.

If during login, it is found that loggedInUserCount has reached the maximum limit (10 as required in your application), you can deny user to login into application.

As already mentioned in earlier thread , make sure that your application has well defined entry (login) and exit (log out) points so that loggedInUserCount can be managed properly.
for example , apart from user deciding to get log out from application, user session can also get expire (if you have set it in your web.xml/servlet) leading to one of exit point of your application. So loggedInUserCount should be decreased in this scenario (session timeout).
So define your application entry and exit points and increment/decrement loggedInUserCount accordingly.

Make sure that you also consider multi-threading/concurrency scenarios.

~ abhay
Shyam Ramath
Greenhorn

Joined: Jun 24, 2005
Posts: 21
Bear Bibeault wrote:What on Earth do connections have to do with tracking logins?


I did not mean database connection .. a login tracker object which release a entry pass to the user ..make sense ?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60059
    
  65

Shyam Ramath wrote:
Bear Bibeault wrote:What on Earth do connections have to do with tracking logins?


I did not mean database connection .. a login tracker object which release a entry pass to the user ..make sense ?

No. What's the need of a "login tracker object" when a simple counter will do the trick?
Arun Chidam
Ranch Hand

Joined: May 08, 2006
Posts: 79
On your login servlet add the below code which will restrict user to 10 at any point of time

1.Create a active session count for each session created

private static int activeSessions = 0;

public void sessionCreated(HttpSessionEvent se) {
activeSessions++;
}

public void sessionDestroyed(HttpSessionEvent se) {
if(activeSessions > 0)
activeSessions--;
}

public static int getActiveSessions() {
return activeSessions;
}

2.If the session count exceeds 10 then don;t create new session(i.e restrict his login)

if(session.getActiveSessions() < 10)
session.create()

SCJP 1.4, SCWCD 1.4
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60059
    
  65

Counting sessions will not work. Sessions are created regardless of whether someone is "logged in" or not.
Arun Chidam
Ranch Hand

Joined: May 08, 2006
Posts: 79
check the below link.....not sure wether it resolves your issue?

Tomcat Setup

Each incoming request requires a thread for the duration of that request. If more simultaneous requests are received than can be handled by the currently available request processing threads, additional threads will be created up to the configured maximum (the value of the maxThreads attribute). If still more simultaneous requests are received, they are stacked up inside the server socket created by the Connector, up to the configured maximum (the value of the acceptCount attribute. Any further simultaneous requests will receive "connection refused" errors, until resources are available to process them.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Limit access to web application
 
Similar Threads
Not able run mysql based jdbc program
Error using log4j in webapp
Url masking
Icon
Payment Gateway in java