I am facing a problem in ensuring that the cookie values being set from my site is not remaining the same for all the windows login accounts from a system.
user right clicks on IE browser and uses "run as" to login multiple times from available windows accounts and logs into the website.
as a result of this i am not able to restrict the ability to have multiple logins in the website from the same/single windows system.
under normal circumstances , with 1 windows account we can ensure that users cannot carry out multiple logins by validating against cookies already written. but this fails when the "run as" feature of windows application is used for multiple windows accounts.
my code for setting and validating cookies :
setting cookie code snapshot :
java.util.Date now = new java.util.Date();
String timestamp = now.toString();
Cookie cookie = new Cookie ("ABC","01561987");
cookie.setMaxAge(3600 * 7);