Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to restrict concurrent logins

 
venkateshwar rao ravula
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

how to prevent concurrent logins in struts application

what exaclty i mean is if user enters into application,session has been created for that particular user. if the same user logs into the application from the same system or another system session that has already exists for that pariculr user sholud be invalidated.

Thanks & regards,

Venkateshwar Rao Ravula
 
John Melton
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Probably multiple ways to do this, but here's one idea.
1. Have a database table like CURRENT_SESSIONS that holds the user information and the most recent login time
2. Every time a user attempts to login, check this table to see if the user currently has a session in there. If not, insert a new record in the table, store the userid in the session and let the user login. If there is a record for that user in the table, do not let the user login and take them to an error page informing them about the error.
3. On logout or session timeout (configured in web.xml), get the username of the user that's currently logged in from the session, and remove any record from the CURRENT_SESSIONS table for that user so that he can login the next time).

Hope this helps
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic