Sounds like you need a database, with the key the user's Login name, where
the "lock" expires with the same period as a session (say, 30 minutes). But
I think that at some point low-end servlet containers don't have the
functionality to support high-end applications, and maybe one should look at
the functionality provided by fully-fledged application servers.
----- Original Message -----
From: Niranjan Soni <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, February 13, 2000 6:23 AM
Subject: Allowing only One Login Session To the User
> Hi All
>
> I am developing an e-commerce application with
> Servlets as thin clients and EJB as the middle tier.
> Now my problem is allowing one user to Login to the
> application only once, which means that if he/she has
> logged in once into the application he can not log in
> again from the same m/c or from some different m/c
> till he logs out of the application properly.
> The point of concern here is how to avoid him from
> logging in from Two different m/c. I have been able to
> prevent successive log in from the same m/c bu writing
> the session id in cookie on the client's browser and
> then verifying the session with the session id if he
> tries to login again from the same m/c. But i am not
> able find any way how i can prevent him from logging
> in from two different m/c. I thought about doing this
> by using soft database lock (flag in the file) but
> that's less efficient and dangerous too.
> Does any one have an idea how i can go about doing
> this.
>
> Thanks
> Niranjan
> __________________________________________________
> Do You Yahoo!?
> Talk to your friends online with Yahoo! Messenger.
> http://im.yahoo.com
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
>
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
