tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andre Van Klaveren <nyb...@gmail.com>
Subject Re: Concurrent login detection - how?
Date Tue, 14 Jun 2005 17:13:55 GMT
This will prevent users from having more than one session at a time
for sure.  You would probably want to remove the id from the list when
a duplicate is detected to prevent users from having to wait for their
initial session to timeout in the event that they closed their browser
without properly logging out.  You would also need to keep the session
id in this list so that you can invalidate the session that is related
to the id.

This of course would drop the original session and in the event that
two people were using the same ID it would become a nuisence for the
first user to login (they would loose their session).

You would want to make sure to log this event for auditing purpose as well.

Did I miss anything?

-- 
Virtually,
Andre Van Klaveren
Architect III, SCP
Enterprise Transformation Services
Unisys Corporation

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message