You are viewing a plain text version of this content. The canonical link for it is here.

Posted to general@jakarta.apache.org by David Morton <sk...@mindspring.com> on 2001/03/23 03:47:01 UTC

Simultaneous Username/Password Detection

	I am building a system that protects content by username and password.  No 
problem there.  The more complicated part of the system prevents two people 
using the same username and password at the same time on our web site.  I 
have a plan to do this, but I haven't seen if there are any common 
methods/techniques/strategies/design patterns to do this in a jsp 
environment.  Nor do any of our developers have any experience in doing this.
	Currently, I am just going to store server generated sessionId's and 
userId's with other necessary data/time checks......of course the user must 
be able to take over use of that username and password because the browser 
may crash...or they forget to hit logout....and also I must flag when this 
happens too many times in a period of time as a red flag....obviously with 
an html web site, there is no 100% accurate way to only have one user using 
the site at once, however, I can build it well enough that 95% of the users 
that are giving out their passwords won't because it is annoying to keep 
re-logging in and being locked out for an hour if you trip one of our red 
flags.....thoughts?  experiences?
	This is not for a porn site, however, I bet that porn people have 
something like this.

David


---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
For additional commands, e-mail: general-help@jakarta.apache.org