--- On Sun, 11/30/08, Paul Benedict wrote: > I've seen this kind of solution before. When a user logs > in, you need to write them into a database -- either in > memory or disk -- and then do not allow the same user to > log in again until the previous session expires. You want > to use a session listener for this to detect expired sessions.
I'm not sure that solves the problem of multiple session "views" in browsers that make new tabs/windows as non-new connections/sessions, though--I think those have to be handled with a sort of token mechanism. Dave --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
