JSP - deny concurrent access for users with the same username

C

carmelo

Hi everybody,
I need to develop a login system to check users access, using JSP, in
order to deny multiple concurrent access from different PCs. Somebody
told me that it's possible to do that using session ID... What do you
think about? How would you do that?


Thank you very much in advance for your help
Cheers
Carmelo
 
M

Martin Gregorie

Hi everybody,
I need to develop a login system to check users access, using JSP, in
order to deny multiple concurrent access from different PCs. Somebody
told me that it's possible to do that using session ID... What do you
think about? How would you do that?
Click to expand...
Add a logged-in flag to the list of valid users.
 
G

GArlington

Hi everybody,
I need to develop a login system to check users access, using JSP, in
order to deny multiple concurrent access from different PCs. Somebody
told me that it's possible to do that using session ID... What do you
think about? How would you do that?

Thank you very much in advance for your help
Cheers
Carmelo
Click to expand...

Yes, you can do it with sessions...
When the user logs in you create a session and flag the user profile
as locked/used...
When the user is logged out or when session expires you clear that
flag...
There is one point you should consider: what happens when legitimate
user logs in on computer1 and for whatever reason can NOT log out
(hardware failure?...) and attempts to log in from computer2 more or
less immediately?
 
C

carmelo

Yes, you can do it with sessions...
When the user logs in you create a session and flag the user profile
as locked/used...
When the user is logged out or when session expires you clear that
flag...
There is one point you should consider: what happens when legitimate
user logs in on computer1 and for whatever reason can NOT log out
(hardware failure?...) and attempts to log in from computer2 more or
less immediately?
Click to expand...

Thank you for your answer GArlington.
To deny concurrent users with the same username, do you think is a
better way using the Application object or the Session object?
 
C

carmelo

When the user is logged out or when session expires you clear that
flag...
Click to expand...


When he logs out it's easy to update the flag on a db table, but how
can I do when session expires?

Thank you again
Carmelo
 
G

gimme_this_gimme_that

It's complicated to set up but ....

But you could set up a VPN and make it so the user can only access
your site through the VPN.

And then configure the VPN so only one user can be logged in at a
time.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Concurrent data access management 9
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Struggling with the Automatic movement for my mobile game character 0
JSP login from only a single pc 24
Deny users access to assembly DLLs 2
Concurrent Communication between JSPs in the same Session 0
Deny access to htm files 7
prevent direct access to JSP 6

Members online

No members online now.
Total: 66 (members: 1, guests: 65)
Robots: 432

Forum statistics

Threads
473,995
Messages
2,570,228
Members
46,818
Latest member
SapanaCarpetStudio

Latest Threads

Top