tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Diggins <>
Subject Re: Concurrent login detection - how?
Date Tue, 14 Jun 2005 18:36:53 GMT
And I presume you'd need to get/persist this java object to a database, 
if you fancied scaling beyond a single application server? (Or am I 
missing something?)

Andre Van Klaveren wrote:
> This will prevent users from having more than one session at a time
> for sure.  You would probably want to remove the id from the list when
> a duplicate is detected to prevent users from having to wait for their
> initial session to timeout in the event that they closed their browser
> without properly logging out.  You would also need to keep the session
> id in this list so that you can invalidate the session that is related
> to the id.
> This of course would drop the original session and in the event that
> two people were using the same ID it would become a nuisence for the
> first user to login (they would loose their session).
> You would want to make sure to log this event for auditing purpose as well.
> Did I miss anything?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message