Not Logged in with the same loggin-password if it is already registered.

[Ricardo Andres Quintero <rq...@ubiquando.com.co>]

Hello Guys
I need not to let users to login in my app simultaneosly.
I mean if a login-password is actually logged in, i need to
invalidatye that session and then let the new login-password 
to work in, after invalidating the old session.

Any ideas? and of course any examples?  

--
Ricardo Andrés Quintero R.
Ubiquando Ltda.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

Re: Not Logged in with the same loggin-password if it is already registered.

[Bill Siggelkow <bi...@bellsouth.net>]

Maybe you could have a hashtable in the ServletContext that maps loginId 
to HttpSession -- then use a HttpSessionListener to listen for session 
creation -- when the session is created look for a value in the hashmap 
in the servlet context -- if it is there then invalidate the mapped 
session. Then add (put) the new mapping into the hashatable.

Ricardo Andres Quintero wrote:

> Hello Guys
> I need not to let users to login in my app simultaneosly.
> I mean if a login-password is actually logged in, i need to
> invalidatye that session and then let the new login-password 
> to work in, after invalidating the old session.
> 
> Any ideas? and of course any examples?  
> 
> --
> Ricardo Andrés Quintero R.
> Ubiquando Ltda.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org

RE: Not Logged in with the same loggin-password if it is already registered.

[David Friedman <hu...@ix.netcom.com>]

Ricardo,

I can't think of any easy way to do that strictly within JAAS, but you
didn't write if you were using JAAS.

If you are using an Account object (of some sort) in the Session context,
here is an idea for you:

Have an application-scope object containing a map of usernames (or id
numbers).  The object returned is a reference to the Account object in that
user's session.  If you login a second time, reset the stored Account object
to a blank user and/or blank id number so no actions will work with that ID
number, then put the newly logged-in users's Account object in the map
instead.

You could design your own RequestProcessor.processRoles() method to see if
the Application context as an Account object for that user with a blank user
or blank id number then kick out a message explaining that the account has
been logged off due to a login from another location or for another session.
That would provide a more polite explanation of why the user was logged out,
rather than him/her simply losing their session for unknown reasons.

If you're using JAAS, this could work in conjunction with it depending on
how you code it.

Regards,
David

-----Original Message-----
From: Ricardo Andres Quintero [mailto:rquintero@ubiquando.com.co]
Sent: Wednesday, July 28, 2004 3:04 PM
To: user@struts.apache.org
Subject: Not Logged in with the same loggin-password if it is already
registered.


Hello Guys
I need not to let users to login in my app simultaneosly.
I mean if a login-password is actually logged in, i need to
invalidatye that session and then let the new login-password
to work in, after invalidating the old session.

Any ideas? and of course any examples?

--
Ricardo Andrés Quintero R.
Ubiquando Ltda.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org