Oracle active user control with jsp

Hi dear experts,
I am developing intranet site  with jsp & oracle.   I opened database user in oracle for every intranet user. so When a user enter his username and password i connect he to db with this username&password. as long as  a user actives in db with his username and password  i dont want anybody to   use this username and password. Shortly  i dont want to open 2 sessions for same username and password in my applicatin.
To do this,  should i check it from db ? if so how can i do this with oracle ? or should i do it with sessions ?
sincrely,

   
elmakargeAsked:
Who is Participating?
 
TimYatesCommented:
Also this should help:

Adapted from http://saloon.javaranch.com/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=18&t=000652

This counts the number of users, you want to store their sessions in a hashtable...should be a relatively minor change :-)

----------------

pcakage listener ;

import javax.servlet.http.HttpSessionListener;
import javax.servlet.http.HttpSessionEvent;

public class AppSessionCounter implements HttpSessionListener
{
    private static int activeSessions = 0;

    // Create a new session.
    public void sessionCreated(HttpSessionEvent se){
        System.out.println("Inside sessionCreated");
        System.out.println("Before New session createb = " + activeSessions);
        activeSessions++;
        System.out.println("After New session count = " + activeSessions);
    }

    // Destroy the session
    public void sessionDestroyed(HttpSessionEvent se){
        System.out.println("Inside sessionDestroyed");
        if (activeSessions > 0)
        {
            System.out.println("Count before destroyed = " + activeSessions);
            activeSessions--;
            System.out.println("Count after destroyed = " + activeSessions);
        }
    }

    // get the count of active session.
    public static int getActiveSessions(){
        return activeSessions;
    }
}

put that class into WEB-INF/classes/listener and add this in WEB-INF/web.xml

<listener>
    <listener-class>
        listener.AppSessionCounter
    </listener-class>
</listener>

0
 
TimYatesCommented:
Yeah, you can do this with a sessionlistener

When a user logs in, add them to a static hashtable with their username as the key, and the session as a value

When someone logs in, if the username already exists in the hashtable, then get the session that it was tied to, and invalidate it

When they log out, remove them from the hashtable

When the session is removed (due to timeout), remove them from the hashtable

That should work :-)

Tim
0
 
elmakargeAuthor Commented:
Ok! I got it
I dont know much about session time out in jsp.   how can i handle it and how i can i understand  time out of session ?
0
Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

 
TimYatesCommented:
It will be kinda like this:

http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20514811.html

and this

http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_20146121.html

And you can put this into your WEB-INF/web.xml

    <session-timeout>60</session-timeout>

which will time out the session in 60 minutes :-)  (you can change the 60 obviously) :-)

Hope I've helped!

Tim
0
 
rrzCommented:
> private static int activeSessions = 0;
Tim, why do you use  "static"  ?  
Won't the  container  make one instance of  AppSessionCounter   ?        rrz
0
 
TimYatesCommented:
Yeah, but then you have to get at the value from other classes, and I don't know of any way to "lookup" a filter using the applicationContext...

There could be a way I don't know about though...

Otherwise, how would you get the value from a jsp, or another class?
0
 
rrzCommented:
Tim, I don't know if his code is any better but in Matry Hall's book "More Servlets ....."  he stores the listener object in the servlet context.  

httpSessionEvent.getSession().getServletContext().setAttribute("sessionCounter", this);
and in JSP he uses
<jsp:useBean .....          rrz
0
 
TimYatesCommented:
oooh...  I s'pose it's neater :-)  But maybe a bit more transparent?

I dunno...it's decisions like these that I tend to toss a coin on ;-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.