In addition, what happens if the user's browser encounters an exception or stops responding and needs to be forced shut? That user would attempt to log in again but would get the error message stating that they are already logged in (until the session expires). So when a login attempt is made, perhaps there would be a way to verify if a connection is still open/being used? or perhaps there is something in the ssl that could be utilized? If it is for a banking domain, I assume that any web/intranet would be using https..
My two cents.. ~ David J. McKenzie On Tue, Sep 28, 2010 at 9:10 AM, Stephen Russell <[email protected]>wrote: > On Mon, Sep 27, 2010 at 11:07 PM, VB <[email protected]> wrote: > > Well its not the university assignment...:) > > Its the application for Banking Domain, in which user can logged-in > > only on one machine ...not more than one machine., So nobody can share > > thier user-id or password and work on one machine at a time....its > > very strange that some of you ppl didn't hear about this... :( > > anyway ...keep posting > -------------- > > Sure, wink wink wink, its a banking rule. > > If that is the case all you need is to add a column in the user table > indicating LoggedOn status. make it whatever data type you like. > Just reference it at login process. If that column has the value that > states they are already in toss back the string "How DARE YOU attempt > to log in a second time" Well you could change it to whatever mgmt > wants. > > I guess you need a way to clear that flag if the user didn't log out. > > YMMV > > > -- > Stephen Russell > > Sr. Production Systems Programmer > CIMSgts > > 901.246-0159 cell >
