This week's giveaway is in the Spring forum.
We're giving away four copies of REST with Spring (video course) and have Eugen Paraschiv on-line!
See this thread for details.
The moose likes Struts and the fly likes Unique Session handling Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Unique Session handling" Watch "Unique Session handling" New topic

Unique Session handling

rudresh kumar
Ranch Hand

Joined: Jan 04, 2006
Posts: 83
HI All,

I have requirement, where unique session handling is to be done,

i,e if a user 'X' is logged in to my application, he should not be allowed to login anywhere again (even in the same machine) until he closes the existing session.

I would like to have you help on how to proceed with the same.

Thanks in advance
Merrill Higginson
Ranch Hand

Joined: Feb 15, 2005
Posts: 4864
Here's one possible solution:
  • When the user logs on, put the user ID in a list of current users kept in Application scope (The ServletContext object)
  • Keep the current User Id as an attribute of the HTTPSession object
  • Implement an HTTPSession listener with a sessionDestroyed() method that removes the user ID from the list
  • When a user tries to log on, check to see if the user Id is in the list of current users. If it is, don't let them log on.
  • There is still at least one problem you will have to decide how to handle:

    If a user loses the connection or closes the browser accidentally, the user ID is still going to be in the list until the session times out. This could be frustrating for a user to have to wait. You may want to put up a dialog saying something like "It appears you have another session open. Only one is allowed at a time. Do you want to release the old session and start a new one now?" This at least gives someone the ability to still log on in this situation.

    Consultant, Sima Solutions
    Raghavan Muthu
    Ranch Hand

    Joined: Apr 20, 2006
    Posts: 3381

    That seems to be the good solutios Merill.

    The last option would be more useful i guess if in case such scenario occurs.

    Everything has got its own deadline including one's EGO!
    [CodeBarn] [Java Concepts-easily] [Corey's articles] [SCJP-SUN] [Servlet Examples] [Java Beginners FAQ] [Sun-Java Tutorials] [Java Coding Guidelines]
    I agree. Here's the link:
    subject: Unique Session handling
    It's not a secret anymore!