Hi,
There is a SessionService available that is able to keep track of active
HTTP sessions.
See
http://turbine.apache.org/turbine/development/turbine-2.3/apidocs/org/apache/turbine/services/session/TurbineSessionService.html
You need to configure it in your web.xml as well.
In combination with a custom SessionValidator and/or custom LoginAction
you can easily check if an user is not logged in twice.
Cheers,
Bart
Jeffery Painter wrote:
hmm... If this is the case, then I recall this was asked/addressed a few
years back. I would look through the archives again (looking specifically
for detecting more than one active login) - it seems someone wrote a tool
to handle just that (or maybe it was in the 2.4 tree) -- maybe some of the
other old timers can remember better than I.
--
Jeffery Painter
Hi,
When you say "already logged in" - do you want to check if the user is
logged in from another computer ? If that is the case, your user object
WILL
NOT show up in the session for the current browser.
To implement this functionality, you will have to keep track of logged in
users through some separate mechanism (like say a HashSet into which you
add
any new user that logs in - first check if the user is present in the
HashSet, and if so direct them to a page that says they're already logged
in, otherwise log them in and add them to this HashSet) .
You would also need to keep track of when a user logs out and when a
session
times out, so that you can remove the user from this HashSet when either
of
these occur. Check out the HttpSessionBindingListener interface. The
easiest
way is for your User object to implement this interface and Add / Remove
itself from the HashSet when the valueBound() / valueUnbound() methods are
called respectively.
BK
On Feb 1, 2008 12:40 AM, Shaw, Nathan (HQ-LD070)[InDyne, Inc] <
[EMAIL PROTECTED]> wrote:
Thanks Jeffrey,
The problem is not in logging a user in... the action I have is doing
that
just fine. The problem is when you try to detect if a user calling the
login
action is ALREADY logged in or not (in this case, we have guest users
coming
in from another site).
I want to make it so if the user is already logged in, it does not log
them in again. However, when I test the User returned in the doperform()
method in my login action, it is always NULL. It appears that something
up
the chain is wiping the User object and the session.
--Nathan
-----Original Message-----
From: Jeffery Painter [mailto:[EMAIL PROTECTED]
Sent: Thu 1/31/2008 1:08 PM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
I had used Turbine to build a prototype of an electronic health record
system.
I can't remember if we were using Turbine 2.1 or 2.2 but I have my
custom
login action is here:
http://office.kiasoft.com/viewcvs/viewcvs.cgi/agrippa/WebRoot/WEB-INF/src/edu/ncsu/csc/agrippa/modules/actions/AgrippaLoginUser.java?rev=1.1.1.1&content-type=text/vnd.viewcvs-markup
Maybe that will give you some insight... it worked last time I ran the
code but that was Dec 2006...
Hope it helps
--
Jeffery Painter
Knowledge Engineer
Semantic Technologies Group
Statistical and Quantitative Sciences
GlaxoSmithKline Research and Development
I don't get that. The test is if the user is NOT null.
Anyway, it does work. I took it from my SNA login code (our first
Turbine project.)
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:[EMAIL PROTECTED]
Sent: Thursday, January 31, 2008 12:17 PM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
I don't think that will work because that will mean that the user is
null and is not logged in at all. It will actually probably be caught
by
the SessionValidator and just take them back to the login page.
I am actually checking the User object and outputting whether it is
null
or not in the login action. I tried both getUser() and
getUserFromSession() and they are both NULL every single time a login
is
attempted. Something up the chain is clearing all of that out before
the
login occurs.
--Nathan
-----Original Message-----
From: Altner, Bruce (HQ-LD070)[InDyne, Inc]
[mailto:[EMAIL PROTECTED]
Sent: Thu 1/31/2008 9:29 AM
To: Turbine Users List
Subject: RE: user is nulled out on login attempt
How about just doing this, early in the Login action doPerform method
(first thing?):
if ( data.getUserFromSession() != null )
{
return;
}
Bruce
-----Original Message-----
From: Shaw, Nathan (HQ-LD070)[InDyne, Inc]
[mailto:[EMAIL PROTECTED]
Sent: Thursday, January 31, 2008 8:35 AM
To: [email protected]
Subject: user is nulled out on login attempt
Hi all,
I am writing my own login action and need to be able to check to see
if
a user is already logged in when the action is called. If they are, I
want to skip the login stuff to preserve their session. However, every
single time that the login action is called, the User object is coming
back NULL.
Here is a code snippet. Does anyone have any idea WHY the user is
coming
back NULL? I assume something is happening in Turbine somewhere that
wipes the User on a login attempt or something?
public class OutageCalLoginUser extends LoginUser {
public void doPerform( RunData data, Context context) throws Exception
{
String uname ;
String passwd ;
System.out.println("doPerform(data, context)");
if ( data.getUserFromSession() == null ){
System.out.println("user from session is null");
}else{
System.out.println("user from session is NOT null");
}
if(data.getUser() == null){
System.out.println("user is null");
}else{
System.out.println("user is NOT null");
if(data.getUser().hasLoggedIn()){
System.out.println("user is logged in");
}else{
System.out.println("user is NOT logged in");
}
}
if((data.getUser() == null) || (data.getUser() != null &&
data.getUser().hasLoggedIn() == false)){
try {
SymEncDec enc = SymEncDec.getInstance();
// Username/password = username/pswd coming through front
door.
// User coming from elsewhere will have neither username
nor pswd.
String username = data.getParameters().get("username");
String pswd = data.getParameters().get("password");
// If username exists, user came in the front door.
if (username != null && username.length()>0) {
uname = username;
passwd = pswd;
}else {
uname = "guest";
String encryptedPasswd =
TurbineResources.getString("guest.credential");
passwd = encryptedPasswd;
//enc.decodeBase64Decrypt(encryptedPasswd);
}
// Log the user in
doLogin(data, uname, passwd);
try {
Utils.getUserID(data);
}
catch (NullPointerException npe) {
throw new TurbineSecurityException("Bad username or
password, I say!");
}
}
catch ( TurbineSecurityException se ) {
badUserOrPassword(se, data);
}
catch (Exception e) {
throw new PortalVelocityException(e.getMessage()=ull?":
"+e.getMessage():e.getMessage(),
e.getCause()=ull?e:e.getCause(), data);
}
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
*************************************************************************
The information contained in this communication is confidential and is intended solely for the use of the individual or entity to whom it is addressed.You should not copy, disclose or distribute this communication without the authority of iBanx bv. iBanx bv is neither liable for the proper and complete transmission of the information has been maintained nor that the communication is free of viruses, interceptions or interference.
If you are not the intended recipient of this communication please return the communication to the sender and delete and destroy all copies.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
