HI ALL,
I HAVE A SLIGHT PROBLEM IN MY APLICATION.
I WANT TO STORE THE USERIDS CURRENTLY IN SESSION. IF THEY TRY TO LOG IN AGGAIN, THEY SHUD BE DISPLAYED A MESAGE SAYING"THEY ARE ALREADY LOGGED IN". HOW DO I GO ABOUT DOING THIS?
Bad idea. You can do this. More details to come...
ALSO, IF THEY LOG OUT, I AM INVALIDATING THEIR SESSION AND REMOVING THEIR USERID FROM THE LIST, BUT HOW WILL KNOW WHEN THE USER INSTEAD OF LOGGING OUT JUST CLOSES THE BROWSER WINDOW?
You wont. The session will eventually time out. You can set the session time out to be low, but there is no way to know if they just closed their browser. Http is stateless.
WILL HIS SESSION STILL BE RUNNING?
Yes.
HOW CAN I INVALIDATE HIS SESSION WHEN HIS CLOSES HIS BROWSER WINDOW?
You can not. You can set the time out lower.
PLS REPLY ASAP... DEAD LINE IS THERE..
aye aye captain.
Now back to your original question.
I HAVE A SLIGHT PROBLEM IN MY APLICATION.
I WANT TO STORE THE USERIDS CURRENTLY IN SESSION.
No problem.
IF THEY TRY TO LOG IN AGGAIN, THEY SHUD BE DISPLAYED A MESAGE SAYING"THEY ARE ALREADY LOGGED IN". HOW DO I GO ABOUT DOING THIS?
Keep a list of users in a static hashmap or something. Look 'em up and see if they are already logged in.
I think this is a bad idea, but it is possible.
You could also log them out and invalidate their other orphanned session. (You could put the session in a hashmap keyed on the id... I've done it... it is possible).
You could also give the option of copying the state from their orphaned session to the current session, and this would accomplish what you want, but I think want you want may not really be what you really want.
See every time you exit your browser and reopen it you get a new session id. Why you ask? The jsessionid cookie that send the session with the header gets destroyed when the browser is closed... this is by design. Thus, if you do what you really want to do, then you would force them to wait until their session times out before they can use the system. This will make your users sad.