• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Session Management

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,
i'm creating a web application to ensure multiple users can concurrently feed data for report generation. i need to make one user can login to oly one system at a time. he cant create new session from any other system or same system itself. any idea? hav any tutorial or sample codes?
 
Bartender
Posts: 2700
IntelliJ IDE Opera
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't see how this is related to performance but I don't know where to move it as you didn't provide us with much information. Could you explain why you want this, what technologies/frameworks you're using etc...
 
Shunmuga Raj
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i'm using jsp with ajax for frontend and mysql for backend. not for such performance related, one user shouldnt hav multiple session at a time that was the constraint. giv me some ideas?
 
Ranch Hand
Posts: 76
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Creata a table in database.
When a user login ener the data in into the table.
If the same user tries to login check data is already presest for that user in Data base.
If data alreday data is present display message to user stating that you have already loged in.
When user log off from session delete data from data base.
When session is expired delete data in data base using Session Listener.
If the user close the session abnormally use a separate application to unlock(delete the data from data base) the appplication.

--Mohan
 
mohana krishna
Ranch Hand
Posts: 76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Issue 1 : Session time out case

Create class UserSessionListener which implements HttpSessionListener
In UserSessionListener Class give the implementation for method

sessionDestroyed(HttpSessionEvent objHttpSessionEvent) in this method write code to delete data from data base.

Configure session listener in Web.xml file.

<listener>

<description>UserSession Listiner</description>

<display-name>UserSessionListener</display-name>

<listener-class>com.user.oci.applicationlock.listener.UserSessionListener</listener-class>

</listener>

Case 2 : Abnormal termination of session.


Write a small JSP page which accepts USER id (One which you want to unlock )as input may be admin may have rights to unlock the user.

When user enters the user name submits the page then you delete the data for that user from Data base.

For all these cases
You may create one USER object and store it in session when user is loged in.
When user id loged off , session time out or unlocking using the application delete the object from the session.


Regards,
Mohan.
 
Sheriff
Posts: 3837
66
Netbeans IDE Oracle Firefox Browser
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

mohana krishna wrote:Creata a table in database.
When a user login ener the data in into the table.
If the same user tries to login check data is already presest for that user in Data base.
If data alreday data is present display message to user stating that you have already loged in.
When user log off from session delete data from data base.
When session is expired delete data in data base using Session Listener.
If the user close the session abnormally use a separate application to unlock(delete the data from data base) the appplication.

--Mohan


This is a nice design. However, it can be modified slightly to avoid special unlocking application:

  • Add an autoincrement field in the table called eg. SESSIONID.
  • When the user logs in, remember the generated SESSIONID in the applicaton.
  • Modify every database operation to verify that the SESSIONID stored in the application still exists in the table. If it does not, throw an exception ("User session was terminated").
  • When the user logs in, verify that he is not already logged. If he is, offer him to remove the old login record and add a new one, thus killing the previous session.
  • Logging off and session expiration without change.

  • This way, every user can 'kill' his own sessions. Since the user has been authenticated (I presume), he cannot do harm to any other user. No need to have a special application or privileged user to unlock accounts. Care needs to be taken with database locking while modifying the login table to make this work.
     
    Don't get me started about those stupid light bulbs.
    reply
      Bookmark Topic Watch Topic
    • New Topic