Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

HttpSession and not allowing multiple users to log in from same browser

 
Ranch Hand
Posts: 151
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i want to do following thing

when ever any user try to login with different username and password from same browser my system should logged him as first user

eg
suppose i already logged in with username gp

and again try to open second browser window and try to log in with different password then my system should not all second user to logged in from same browser



while searching the net somewhere i have got code it indicates that we have to synchronized the session

i.e.


/**
* This method sets attributes in session
* @param session
* @param attribute
* @param key
*/
public static void setAttributesInSession(HttpSession session, Object attribute, String key) {
synchronized (session) {
session.setAttribute(key, attribute);
}
}

i have tried above code but it does not work

and allowing other user to logged in


please give me solution
 
Ranch Hand
Posts: 67
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
How is authentication done in your system?
After user has loggedinto the system, you can store the userid and passwd of the user as cookies. The servlet can then check the value of these cookies. If these cookies have value, then value in these cookies should be used for authentication.Hope this helps.

Regards
Abhijit.
 
Ranch Hand
Posts: 130
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

Another thought. You can store whether the user has logged in or not in the DB itself as an extra field to the user table(or whichever you use for storing user data) like had_logged. That field would be only one character in length, [either Y or {N or nothing}].

Or, one more idea. You can store a kind of synchornized HashMap at application context level for whichever user has logged in(you can extra field that for how long he/she has logged in etc.).

I like the cookie thing but cookie acceptance can be disabled by the browser.
[ March 13, 2006: Message edited by: Bimal Patel ]
 
Ranch Hand
Posts: 1026
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


suppose i already logged in with username gp

and again try to open second browser window and try to log in with different password then my system should not all second user to logged in from same browser



Do you mean same user with different password.

Get the userName log him into session. If another user enters check whether the user has already logged in by getting the session attribute and comparing with it. If you find the userName is in session then send an error message.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic