You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@turbine.apache.org by Daniel O'Neil <da...@westpole.com> on 2003/12/12 22:01:28 UTC

managing multiple login attempts for the same user

Hi,

We are trying to use Turbine Security to manage logins.  We would like to prevent anyone from
being on a specific account at the same time, but I'm having trouble identifying exactly how
Turbine identifies whether or not a user has logged in.  The code I'm using looks like this:

         User user = null;
         // Authenticate the user and get the object.
         user =  TurbineSecurity.getAuthenticatedUser( username, password );               
         if(!user.hasLoggedIn()){   
           // Store the user object.
           data.setUser(user);                           
           // Mark the user as being logged in.
           user.setHasLoggedIn(new Boolean(true));                 
           // Set the last_login date in the database.
           user.updateLastLogin();
         }
         else (
          ...
         {
          
Now, it seems to me that once the setHasLoggedIn method is called, that any other attempts to 
log in with that user id from another computer could be checked with the 
user.hasLoggedIn() method.  This turns out not to be true; essentially the hasLoggedIn method
seems to work only for that particular login.

Is there something obvious I'm missing?

thanks
Daniel

---------------------------------------------------------------------
To unsubscribe, e-mail: turbine-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: turbine-user-help@jakarta.apache.org