Oracle active user control with jsp

Hi dear experts,
I am developing intranet site  with jsp & oracle.   I opened database user in oracle for every intranet user. so When a user enter his username and password i connect he to db with this username&password. as long as  a user actives in db with his username and password  i dont want anybody to   use this username and password. Shortly  i dont want to open 2 sessions for same username and password in my applicatin.
To do this,  should i check it from db ? if so how can i do this with oracle ? or should i do it with sessions ?
sincrely,

   
elmakargeAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TimYatesCommented:
Yeah, you can do this with a sessionlistener

When a user logs in, add them to a static hashtable with their username as the key, and the session as a value

When someone logs in, if the username already exists in the hashtable, then get the session that it was tied to, and invalidate it

When they log out, remove them from the hashtable

When the session is removed (due to timeout), remove them from the hashtable

That should work :-)

Tim
elmakargeAuthor Commented:
Ok! I got it
I dont know much about session time out in jsp.   how can i handle it and how i can i understand  time out of session ?
TimYatesCommented:
It will be kinda like this:

http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20514811.html

and this

http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_20146121.html

And you can put this into your WEB-INF/web.xml

    <session-timeout>60</session-timeout>

which will time out the session in 60 minutes :-)  (you can change the 60 obviously) :-)

Hope I've helped!

Tim
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

TimYatesCommented:
Also this should help:

Adapted from http://saloon.javaranch.com/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=18&t=000652

This counts the number of users, you want to store their sessions in a hashtable...should be a relatively minor change :-)

----------------

pcakage listener ;

import javax.servlet.http.HttpSessionListener;
import javax.servlet.http.HttpSessionEvent;

public class AppSessionCounter implements HttpSessionListener
{
    private static int activeSessions = 0;

    // Create a new session.
    public void sessionCreated(HttpSessionEvent se){
        System.out.println("Inside sessionCreated");
        System.out.println("Before New session createb = " + activeSessions);
        activeSessions++;
        System.out.println("After New session count = " + activeSessions);
    }

    // Destroy the session
    public void sessionDestroyed(HttpSessionEvent se){
        System.out.println("Inside sessionDestroyed");
        if (activeSessions > 0)
        {
            System.out.println("Count before destroyed = " + activeSessions);
            activeSessions--;
            System.out.println("Count after destroyed = " + activeSessions);
        }
    }

    // get the count of active session.
    public static int getActiveSessions(){
        return activeSessions;
    }
}

put that class into WEB-INF/classes/listener and add this in WEB-INF/web.xml

<listener>
    <listener-class>
        listener.AppSessionCounter
    </listener-class>
</listener>

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rrzCommented:
> private static int activeSessions = 0;
Tim, why do you use  "static"  ?  
Won't the  container  make one instance of  AppSessionCounter   ?        rrz
TimYatesCommented:
Yeah, but then you have to get at the value from other classes, and I don't know of any way to "lookup" a filter using the applicationContext...

There could be a way I don't know about though...

Otherwise, how would you get the value from a jsp, or another class?
rrzCommented:
Tim, I don't know if his code is any better but in Matry Hall's book "More Servlets ....."  he stores the listener object in the servlet context.  

httpSessionEvent.getSession().getServletContext().setAttribute("sessionCounter", this);
and in JSP he uses
<jsp:useBean .....          rrz
TimYatesCommented:
oooh...  I s'pose it's neater :-)  But maybe a bit more transparent?

I dunno...it's decisions like these that I tend to toss a coin on ;-)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JSP

From novice to tech pro — start learning today.