> -----Original Message-----
> From: A mailing list about Java Server Pages specification
> and reference
>
> Is it possible to do either of the following:
>
>
> (1) Be able to uniquely identify a surfer such that ALL
> requests (whether
> from current browser, spawned browser(s), or other launched
> browser(s)) use
> the SAME session.
>
> OR
>
> (2) As soon as a "new session" is created INVALIDATE ALL
> other sessions for
> a given surfer for reuests whether the session(s) were
> created from the
> current browser, spawned browser, or other launched browser(s).
>
>
> We have the need for providing a mechanism such that the last
> access to A
> page, by the user from any browser or spawned window, is the
> ONLY VALID
> session.
>
> DOES ANYONE HAVE ANY CREATIVE IDEAS on solving this....
>
> Any help is appreciated...
>
> --Nikolaos
>
>
> P.S. We can NOT use user names and passwords even if we wanted.
The only way to uniquely identify a host is by hostname or IP address, so
you could do something with these.
This may fall down if there is a web proxy/firewall between the server and
the browser as the requests will appear to come the host (IP of proxy).
However I seem to recall that some proxies add an HTTP header indicating the
original host name/IP address (I could be wrong on that).
HTH,
Steve S
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
