Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

Storing an application wide variable in a clustered environment

I'm working on a security issue that prevents a user from logging on if they already have an existing session on the server.  I found a good solution for this where I store the user's id in a HashSet inside the ServletContext when they log on, so if they log in again, I just check do a "contains(userId)" and find out if they are logged on.  The problem with this is, I don't think the ServletContext is shared between clustered machines.  I thought about using the database, but if the power goes out on the application server, the record will remain in the table instead of being removed at the end of the session.  

I'd appreciate any ideas.
0
sb1977
Asked:
sb1977
  • 3
  • 2
2 Solutions
 
rrzCommented:
>I thought about using the database, but if the power goes out on the application server, the record will remain in the table instead of being removed at the end of the session.    
You could create a servlet that  loads on start-up  that could clear your db record and start fresh.    
I guess you are doing something like what dicussed at  
http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_21794750.html     
0
 
rrzCommented:
>I don't think the ServletContext is shared between clustered machines.    
I am not sure about that.  I don't have experience with clustering but it doesn't sound right. I guess you saw these pages.
http://www.onjava.com/pub/a/onjava/2004/03/31/clustering.html
http://www.onjava.com/pub/a/onjava/2004/04/14/clustering.html?page=1     
You should post your configuration. So, if an expert see this, he will be able to comment.     rrz
0
 
bloodredsunCommented:
>>I don't think the ServletContext is shared between clustered machines.  

That's correct from my experience with WebSphere clusters
0
 
rrzCommented:
Thanks bloodredsun. ( nice picture)
What about using a Servlet or Filter  init  methods ? Is that a good idea ?
0
 
bloodredsunCommented:
I think rrz is right in suggesting a servlet. Use a load on startup servlet that cleans out the table in the database in case of a crash and your problem is solved.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now