Ask a Question
Advertise on boostr.in
Organizational Research By
Surprising Reserch Topic
how to invalidate an user session when he logs twice with the same credentials using -'java,session,jsf,richfaces,facelets'
how to invalidate an user session when he logs twice with the same credentials ¬†using -'java,session,jsf,richfaces,facelets'
I'm using JSF 1.2 with Richfaces and Facelets.
I have an application with many session-scoped beans and some application beans.
The user logs in with, let's say, Firefox. A session is created with ID="A";
Then he opens Chrome and logs in again with the same credentials. A session is created with ID="B".
When the session "B" is created, I want to be able to destroy session "A". How to do that?
Also. when the user in Firefox does anything, I want to be able to display a popup or some kind of notification saying "You have been logged out because you have logged in from somewhere else".
I have a sessionListener who keeps track of the sessions created and destroyed. The thing is, I could save the HTTPSession object in a application-scoped bean and destroy it when I detect that the user has logged in twice. But something tells me that is just wrong and won't work.
Does JSF keep track of the sessions somewhere on the server side? How to access them by identifier? If not, how to kick out the first log in of an user when he logs in twice?
Sep 7, 2015
to add a comment.
Related Hot Questions
Your name to display (optional):
Email me at this address if my answer is selected or commented on:
Email me if my answer is selected or commented on
Privacy: Your email address will only be used for sending these notifications.
To avoid this verification in future, please