You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@jakarta.apache.org by David Morton <sk...@mindspring.com> on 2001/03/23 03:47:01 UTC
Simultaneous Username/Password Detection
I am building a system that protects content by username and password. No
problem there. The more complicated part of the system prevents two people
using the same username and password at the same time on our web site. I
have a plan to do this, but I haven't seen if there are any common
methods/techniques/strategies/design patterns to do this in a jsp
environment. Nor do any of our developers have any experience in doing this.
Currently, I am just going to store server generated sessionId's and
userId's with other necessary data/time checks......of course the user must
be able to take over use of that username and password because the browser
may crash...or they forget to hit logout....and also I must flag when this
happens too many times in a period of time as a red flag....obviously with
an html web site, there is no 100% accurate way to only have one user using
the site at once, however, I can build it well enough that 95% of the users
that are giving out their passwords won't because it is annoying to keep
re-logging in and being locked out for an hour if you trip one of our red
flags.....thoughts? experiences?
This is not for a porn site, however, I bet that porn people have
something like this.
David
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
For additional commands, e-mail: general-help@jakarta.apache.org