how to prevent concurrent logins in struts application
what exaclty i mean is if user enters into application,session has been created for that particular user. if the same user logs into the application from the same system or another system session that has already exists for that pariculr user sholud be invalidated.
Thanks & regards,
Venkateshwar Rao Ravula
posted 8 years ago
Probably multiple ways to do this, but here's one idea. 1. Have a database table like CURRENT_SESSIONS that holds the user information and the most recent login time 2. Every time a user attempts to login, check this table to see if the user currently has a session in there. If not, insert a new record in the table, store the userid in the session and let the user login. If there is a record for that user in the table, do not let the user login and take them to an error page informing them about the error. 3. On logout or session timeout (configured in web.xml), get the username of the user that's currently logged in from the session, and remove any record from the CURRENT_SESSIONS table for that user so that he can login the next time).