Hi Guys
They way i have done this is create a singleton class for logged on users and keep a hash of the usernames logged on. However when a user does not loggof the user is still in the hash, so what i do before a user tries to logon again is to check whether the session is valid . if it is then i give a mutliple loggon message, invalidate the session and create a new session. If the session is invalid i know he expired so i just logg the user on normally. Also at each request check for valid session. kayode Dosunmu >From: "Alvin Kutttikkat Antony" <[EMAIL PROTECTED]> >Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Subject: ReQ: Only one logged in session at a time for each user >Date: Mon, 28 Jan 2002 16:22:39 +0100 > >Hi there, > I am too interested on this.The suggestion is good.How can >I get session object from the Id.I think one way is through >HttpSessionContext class. I found this class has been deprecated. >any other way to achieve this >Alvin > > > > > second time, that you invalidate the *old* session >and let them continue with new one. I've seen that approach used >on a large public web site. > >Sean > > >On Sunday, January 27, 2002, at 08:01 PM, Antony Stace wrote: > > > Hi > > > > I want the users in a Struts application to be only logged in > > once at any one time. What is the > > best way to go about this. I was thinking that I can have have > > some sort of record in (an application > > wide bean)/(a database record)/(the logon action) that keeps > > track of who is logged on and when the log on process > > happens this record is checked, if the user is already logged > > on then don't let them log on again. The problem > > I can see with this is that this works fine if the user logs > > out of the application through a logout > > action - the logout action can simply clear the record of the > > user being logged in. But if the users browser crashes, they > > reboot > > the machine, they simply restart the browser then this record > > will not be cleared and thus they will not be able to log in. > > I cannot think of how I can > > implement a mechanism to ensure only one log in at a time. The > > thought of adding some sort of timeout value > > seems a little nasty, since I hate it when I go to a site and I > > am told I am alread logged in, please try back in > > 10 minutes. > > > > Any ideas folks on how to handle this? > > > > > > -- > > > > > > Cheers > > > > Tony > > --------------------------------------------------------------------- > > > > > > _________________________________________________________ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > > > > > -- > > To unsubscribe, e-mail: <mailto:struts-user- > > [EMAIL PROTECTED]> > > For additional commands, e-mail: <mailto:struts-user- > > [EMAIL PROTECTED]> > > > > > >_________________________________________________________ > >Do You Yahoo!? > >Get your free @yahoo.com address at http://mail.yahoo.com > > > > >-- >To unsubscribe, e-mail: ><mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: ><mailto:[EMAIL PROTECTED]> > > > >alvin kuttikkat antony >Internet und Virtuelle Hochshule >Directory >Universität München > >Leopoldstr .3 >80802 München >Germany > >Office Tel + 49.89.21025979 >Office Fax + 49.89.21025980 _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
