Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

Keeping track of Logged users

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello
I have a question regarding user Loggig in.

Suppose a user is logged in at a client, and if the same user id is used to login at other client, I want to log off the user who first logged in. It is something similar that happens in Yahoo Messenger.

I guess it can be done by using DB persistance to keep track of users logged in, but not quite sure how tthe client can get to know that, unless the page is refreshed in some way.


Plz post if u have any ideas
 
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,

though i haven't solved such a problem but i guess if u maintain the user session in servlet context which is a unique place for a prticuler web application then u can easily track user, and do what u want. also u have to make changes in ur XML.

tell me if u figure out the problem,

bye,

sachin.
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can store all the user information in a MAP(name/value pairs) and create a session for the user. If the same username/password is entered from another machine first check it against the map and if the user is already logged-in then invalidate the existing session and redirect the first user to a SessionExpired page and dump all the existing session and other stuff in to the new user.
 
kiranreddy reddy
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Sachin aand Vishnu

both the solutions look feasible... I will try if I can get it done, I will get back once its done or even not done :-)

Thanks
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This topic has been dicussed a few times, at great length, here and in the JSP forum. In every case, I've maintained that there isn't a reliable way to do this in a webapp. I've yet to see an argument that will change my mind.

I'm not sure how easy it will be to find the threads but if you do you you'll find some pretty detailed discussions about the pitfalls and some of the recommended workarounds for them. If I get time, later today, I will see if I can dig up the threads and will post the links.
 
kiranreddy reddy
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,

I tried the follwing method

a) created a ServletContextListener class which is triggered when any attribute is modified
b) each time a user logs in add the userId to an arraylist and add the arraylist as an attribute to the servletContext
c) Now if already user "aaa" is logged in at a one client, so the array list contains "aaa". If other user "bbb" logs in it is also added to arraylist and servletcontext attribute is set again, and the class whih implements Servlet ContextListener is triggered, in which I check if there are any duplicates.

But now I am not sure how I should invalidate the session of the first user, i.e. how to call a method or a servlet or JSP which invalidates the first user and how to pass that session

do I have to map a session with userID and usea Map instead of ArrayList and use it to retrieve the required session
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here's one thread.
I know there were several others (maybe in the JSP forum) that went on even longer.

https://coderanch.com/t/360305/Servlets/java/Session-Handling-restrict-only-one
 
Ranch Hand
Posts: 294
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You mean solve the problem when container managed authentication used?
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by dema rogatkin:
You mean solve the problem when container managed authentication used?



I believe he's talking about insuring that one user can't log in from two different browsers at the same time.
 
dema rogatkin
Ranch Hand
Posts: 294
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
We use checking validity session id against database. Generally it isn't so much overhead considering that Amazon updates db on every click.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic