Hi,
Servlet containers won't help to solve this problem. You need to build
this logic in your application. A simple solution solution could be to
save the user's login within the servlet context for the life time of
the user's session. You could use a hash table to store all login's. You
can use this data to identify duplicate login's.
An interesting problem would be to see how such solutions can be
combined with the servlet 2.2 model's form-based authentication!
Regards,
Subrahmanyam
Niranjan Soni wrote:
>
> Hi All
>
> I am developing an e-commerce application with
> Servlets as thin clients and EJB as the middle tier.
> Now my problem is allowing one user to Login to the
> application only once, which means that if he/she has
> logged in once into the application he can not log in
> again from the same m/c or from some different m/c
> till he logs out of the application properly.
> The point of concern here is how to avoid him from
> logging in from Two different m/c. I have been able to
> prevent successive log in from the same m/c bu writing
> the session id in cookie on the client's browser and
> then verifying the session with the session id if he
> tries to login again from the same m/c. But i am not
> able find any way how i can prevent him from logging
> in from two different m/c. I thought about doing this
> by using soft database lock (flag in the file) but
> that's less efficient and dangerous too.
> Does any one have an idea how i can go about doing
> this.
>
> Thanks
> Niranjan
> __________________________________________________
> Do You Yahoo!?
> Talk to your friends online with Yahoo! Messenger.
> http://im.yahoo.com
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
--
----------------------------------------------------------
Letting U=Universal, and given God=U and Unreason=U,
Unreason=God --- Q.E.D.
Check me at http://www.Subrahmanyam.com
----------------------------------------------------------
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
