tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Diggins <subscri...@red56.co.uk>
Subject Re: Concurrent login detection - how?
Date Tue, 14 Jun 2005 18:36:53 GMT
And I presume you'd need to get/persist this java object to a database, 
if you fancied scaling beyond a single application server? (Or am I 
missing something?)


Andre Van Klaveren wrote:
> This will prevent users from having more than one session at a time
> for sure.  You would probably want to remove the id from the list when
> a duplicate is detected to prevent users from having to wait for their
> initial session to timeout in the event that they closed their browser
> without properly logging out.  You would also need to keep the session
> id in this list so that you can invalidate the session that is related
> to the id.
> 
> This of course would drop the original session and in the event that
> two people were using the same ID it would become a nuisence for the
> first user to login (they would loose their session).
> 
> You would want to make sure to log this event for auditing purpose as well.
> 
> Did I miss anything?
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message