Organizational Research By

Surprising Reserch Topic

how to invalidate an user session when he logs twice with the same credentials using -'java,session,jsf,richfaces,facelets'


how to invalidate an user session when he logs twice with the same credentials  using -'java,session,jsf,richfaces,facelets'

I'm using JSF 1.2 with Richfaces and Facelets.

I have an application with many session-scoped beans and some application beans.

The user logs in with, let's say, Firefox. A session is created with ID="A";
Then he opens Chrome and logs in again with the same credentials. A session is created with ID="B".

When the session "B" is created, I want to be able to destroy session "A". How to do that?

Also. when the user in Firefox does anything, I want to be able to display a popup or some kind of notification saying "You have been logged out because you have logged in from somewhere else".

I have a sessionListener who keeps track of the sessions created and destroyed. The thing is, I could save the HTTPSession object in a application-scoped bean and destroy it when I detect that the user has logged in twice. But something tells me that is just wrong and won't work.

Does JSF keep track of the sessions somewhere on the server side? How to access them by identifier? If not, how to kick out the first log in of an user when he logs in twice?
    
asked Sep 7, 2015 by rajesh
0 votes
19 views



Related Hot Questions



Government Jobs Opening


...