elmakarge
asked on
Oracle active user control with jsp
Hi dear experts,
I am developing intranet site with jsp & oracle. I opened database user in oracle for every intranet user. so When a user enter his username and password i connect he to db with this username&password. as long as a user actives in db with his username and password i dont want anybody to use this username and password. Shortly i dont want to open 2 sessions for same username and password in my applicatin.
To do this, should i check it from db ? if so how can i do this with oracle ? or should i do it with sessions ?
sincrely,
I am developing intranet site with jsp & oracle. I opened database user in oracle for every intranet user. so When a user enter his username and password i connect he to db with this username&password. as long as a user actives in db with his username and password i dont want anybody to use this username and password. Shortly i dont want to open 2 sessions for same username and password in my applicatin.
To do this, should i check it from db ? if so how can i do this with oracle ? or should i do it with sessions ?
sincrely,
ASKER
Ok! I got it
I dont know much about session time out in jsp. how can i handle it and how i can i understand time out of session ?
I dont know much about session time out in jsp. how can i handle it and how i can i understand time out of session ?
It will be kinda like this:
https://www.experts-exchange.com/questions/20514811/who's-accessing-my-system-in-jsp.html
and this
https://www.experts-exchange.com/questions/20146121/Detecting-and-acting-upon-a-JSP-http-session-timeout.html
And you can put this into your WEB-INF/web.xml
<session-timeout>60</sessi
which will time out the session in 60 minutes :-) (you can change the 60 obviously) :-)
Hope I've helped!
Tim
https://www.experts-exchange.com/questions/20514811/who's-accessing-my-system-in-jsp.html
and this
https://www.experts-exchange.com/questions/20146121/Detecting-and-acting-upon-a-JSP-http-session-timeout.html
And you can put this into your WEB-INF/web.xml
<session-timeout>60</sessi
which will time out the session in 60 minutes :-) (you can change the 60 obviously) :-)
Hope I've helped!
Tim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
> private static int activeSessions = 0;
Tim, why do you use "static" ?
Won't the container make one instance of AppSessionCounter ? rrz
Tim, why do you use "static" ?
Won't the container make one instance of AppSessionCounter ? rrz
Yeah, but then you have to get at the value from other classes, and I don't know of any way to "lookup" a filter using the applicationContext...
There could be a way I don't know about though...
Otherwise, how would you get the value from a jsp, or another class?
There could be a way I don't know about though...
Otherwise, how would you get the value from a jsp, or another class?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
oooh... I s'pose it's neater :-) But maybe a bit more transparent?
I dunno...it's decisions like these that I tend to toss a coin on ;-)
I dunno...it's decisions like these that I tend to toss a coin on ;-)
When a user logs in, add them to a static hashtable with their username as the key, and the session as a value
When someone logs in, if the username already exists in the hashtable, then get the session that it was tied to, and invalidate it
When they log out, remove them from the hashtable
When the session is removed (due to timeout), remove them from the hashtable
That should work :-)
Tim