Using a session listener to record session creation/destruction and them use that info to invalidate previous sessions where the user is the same?
Ernesto On Fri, Mar 6, 2009 at 11:34 AM, Martin Bednář <martin.bed...@triax.cz>wrote: > Hello, > > In our application I must guarantee that user is logged only once to the > application. > I have the following problem. > > 1,User logged to aplication, create session1 > 2,User browser crased, but session1 is still alive for next 30minutes > (session expiration time is 30minutes). > 3,User open new browser and login to application (session2 is created). > > And in point 3 I need close session1 before I log user in. > > I hold userId in user session, but I don't know how to iterate over all > sessions and check if another session for same user is here. > > Any advice ? > > Thx Martin >
