aspose file tools*
The moose likes Websphere and the fly likes How to get session object by giving Session Id to kill another session in Websphere Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Websphere
Bookmark "How to get session object by giving Session Id to kill another session in Websphere" Watch "How to get session object by giving Session Id to kill another session in Websphere" New topic
Author

How to get session object by giving Session Id to kill another session in Websphere

Prasad Thirugnanam
Ranch Hand

Joined: Dec 19, 2001
Posts: 39
Hi All,
Objective: To achieve only one user to logon only once on the same machine or different machine.
When the same user logs in on another machine or broswer instance, it should throw a msg
"User logged in already" and should not able to go further. When the user logs off
the lock should be released and browser close should be treated as Logout (at this
point also, the lock should be released)
THe Administrator should have one option to release the locked users.
Software: IBM WAS 4.0, database is Oracle
Problem:
Suppose the user logs in to the web application. After proper authentication,
a flag is updated in a table with his user id. so when the same user is loggin in
from different browser, it checks for the entry first and then throws error msg without loggin in.

There should be one option for Admin to release the lock. Suppose the network goes down, the
user lock wont be released since he didnt logged off properly.
The admin has option to see list of users whose status='Y' from a table. Then Admin selects
one or more users and update the status as 'N', so that next time those users can log in.

Now problem is, a user logs in and his status is set to 'Y'. Now he calls up Admin to release
his user lock. the admin releases the lock (which updates the flag only). The same user will be
able to log on from different machine or browser instance now. We need to stop that.
So when the admin releases the lock, the other session if any should be invalidated, so that
he gets the login screen.

Question: When the user logs in his Session id is written to the table. With the help of that session id,
how can we get the Session object to invalidate that particular session. The admin should
able to get the session object of some person by giving that session id, and invalidate.

I have described in detail. I hope to get some positive reply to this. This is very urgent.
Plese help me and thanks in advance.

Rgds,
Prasad
Trish Wu
Ranch Hand

Joined: Oct 09, 2002
Posts: 34
When the session expires or web app goes donwn, use two listeners to update the db's status.
Run a scheduled job to clean up that table if necessary (check last-update timestamp).
And i dont think u should ever let the admin guy to directly manipulate the data like that. Rather wait for the session to be expired like 15 minutes so that the user can login then.
SJ Adnams
Ranch Hand

Joined: Sep 28, 2001
Posts: 925
Whenever I have implemented;
one user = one session
It's always been FIFO (first person who logs in gets kicked out by the second user).
I think your requirements imply using a very short session lifetime (after 5 minutes of inactivity user gets kicked off), otherwise your admin is going to be very busy.
Who came up with these requirements??
 
 
subject: How to get session object by giving Session Id to kill another session in Websphere