hopefully this qualifies as a "pattern". we have a requirement that a user can only log in from one browser session at a time to our web app (weblogic j2ee/web and ejb using turbine framework). we also have a requirement that when the user closes their browser, they should be automatically logged out.
what is a good way to handle this? is there a typical "pattern" for performing this type of task?
The session bean update would be in addition to the database field, since you'd still have to coordinate across potential new sessions, right? That sounds reasonable to me. Just make sure the app clears the database flags on startup, in case of a crash.
Joined: Dec 19, 2003
thanks, we're using the turbine framwork which seems to provide hooks to tie into the server startup to clear out any stale logged in users.
i was just wondering if others have had a similar requirement and how you implemented something for this (user can only log in from one station at a time).
It's always a challenge! The user can knock the plug out with his foot and the server gets no notice that he's gone. Any place you keep persistent information about who is logged on can go stale and prevent someone from logging on again.
I used to use IBM's mainframe VM/CMS time-sharing system and it had an option to "logon HERE" that would blow off any other existing session for the userid. Before that came along it was possible to get bad session data so the mainframe would lock you out until somebody manually reset your id. I loved this feature when moving around the building, logging on in different places.
You could have a keep-alive message from the client to the server every minute or so. If the server fails to get a couple of them it could assume the client is gone and remove the session. Or do it the other way - have the server ping the client now and then to see if it's still there. A browser client with an applet for "push" messaging could respond to this, too.
Any of that sound interesting? [ May 17, 2004: Message edited by: Stan James ]
A good question is never answered. It is not a bolt to be tightened into place but a seed to be planted and to bear more seed toward the hope of greening the landscape of the idea. John Ciardi
Joined: Jan 29, 2003
Hey, Mark, come back and tell us what you finally did!