how to make an Http Session per user to access web application


General J2EE: how to make an Http Session per user to access web application

  1. In my clustered web application, I want to make the User log on at that time only one. when the same user(active) wants to log into the web application more than one at that time in the same browser or another instance browser, Application Should alert the message as 'User has Log on into the application Now'. After the logoff has done, the same user can be able to log into the web application. How to Make track of User and his Session?. please....

    Threaded Messages (4)

  2. Store it in session[ Go to top ]

    You can store User Id into the Session object after a successful login i.e. (User Id/Password verification) . Session.setAttribute("UserInfo", loginUserId); And to stop same User login again , you need to check the same User Id attribute before the login (User Id/Password verification) to see if this User Id already exist. If it does just return the message otherwise let it login again. Session.getAttribute("UserInfo");
  3. Re: Store it in session[ Go to top ]

    Since the same user(ie for eg:user1) has already logged into the application (from different machine) When the same user(ie.user1)is logging into the application from another machine,I have to cut off the logging and I has to alert the user,(the user (ie user1) has already logged)).. Concept: one session per user.. please...
  4. one login per user[ Go to top ]

    Create a session registry which can be a clustered cache like jboss cache and while login and logout manage that cache... Query that cache to manage the one login per user...
  5. Follow the following steps: 1.For the first time the user logs in create a session obejct containing the user info. 2. Store the session object in the data base as CLOB or BLOB. This table should have userid as the primary key. You can have others columns as well which maintains the user log history. 3.For every request check whether the logged in user has the active session object in the database. If yes then thorw an Exception saying user is already logged in. NOTE: Session should be invalidated and made inactive in the databse upon user logout,closing of a browser,and session timeout.