aspose file tools*
The moose likes Struts and the fly likes Unique Session handling Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Unique Session handling" Watch "Unique Session handling" New topic
Author

Unique Session handling

rudresh kumar
Ranch Hand

Joined: Jan 04, 2006
Posts: 83
HI All,

I have requirement, where unique session handling is to be done,

i,e if a user 'X' is logged in to my application, he should not be allowed to login anywhere again (even in the same machine) until he closes the existing session.

I would like to have you help on how to proceed with the same.

Thanks in advance
Vaishnav
Merrill Higginson
Ranch Hand

Joined: Feb 15, 2005
Posts: 4864
Here's one possible solution:
  • When the user logs on, put the user ID in a list of current users kept in Application scope (The ServletContext object)
  • Keep the current User Id as an attribute of the HTTPSession object
  • Implement an HTTPSession listener with a sessionDestroyed() method that removes the user ID from the list
  • When a user tries to log on, check to see if the user Id is in the list of current users. If it is, don't let them log on.
  • There is still at least one problem you will have to decide how to handle:

    If a user loses the connection or closes the browser accidentally, the user ID is still going to be in the list until the session times out. This could be frustrating for a user to have to wait. You may want to put up a dialog saying something like "It appears you have another session open. Only one is allowed at a time. Do you want to release the old session and start a new one now?" This at least gives someone the ability to still log on in this situation.


    Merrill
    Consultant, Sima Solutions
    Raghavan Muthu
    Ranch Hand

    Joined: Apr 20, 2006
    Posts: 3344

    That seems to be the good solutios Merill.

    The last option would be more useful i guess if in case such scenario occurs.


    Everything has got its own deadline including one's EGO!
    [CodeBarn] [Java Concepts-easily] [Corey's articles] [SCJP-SUN] [Servlet Examples] [Java Beginners FAQ] [Sun-Java Tutorials] [Java Coding Guidelines]
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: Unique Session handling