How to restrict a user to login twice

hei evryone!
Here's my prob... I need to restrict a user to login more than once meaning, if a certain user account is currently login , that account cannot be used concurrently using another window or machine... If another user attempts to login, using that same account an error message will be displayed saying "this user account is already logged in".. i tried to do this in javascript but the code that i've got only works for IE and its kinda hard to capture the event for closing window.. plus using onunload is not advisable with my situation since my webpage can be redirected to other codes meaning the cause of unloading the page could either be closing the browser or redirecting the window to another page such as window.location="anothercode.jsp";... I was wondering if there's a way to do this in jsp...
Any suggestions, ideas, or sample codes would be deeply appreciated. Thanks in advance!
btw, i need to generate a code that is cross browser.. What i really need to accomplish is to be able to determine when the browser is closed either by clicking the X button on the window, alt f4 or my own close button and not when the page is unloaded.
Here's a sample code : This only works in IE =(
---------- default.jsp-------------------------
<html>
<head>
<script language="Javascript">
     onunload=function(e) {      
     winX = navigator.appName=="Microsoft Internet Explorer" ? window.event.clientX : e.screenX;
     winY =navigator.appName=="Microsoft Internet Explorer" ? window.event.clientY :e.screenY;
if (winX<0 && winY<0)
          // redirect to logout.jsp n do some stuff
</script>
</head>
<body>
Logout
List
View Schedules
</body>
</html>
the default screen would be the code above: "default.jsp" wherein there are many ways that the page
can be unloaded such as :
- clicking the logout link
- click the View Schedules
- click the x button the left side of the window
- alt f4
- if the window is minimized , right click then select close option
Now, what i needed to do is to determined when the browser is closed so i reset the login flag of the account and can be used later on.

hei everyone!
im tryin to resolve this prob by adding a session id field on the users table. Everytime a user logs in i will update the session id field so that if anyone attempts to use the same account i will redirect the later into the login page with a warning msg. I'll do this by comparing the session id that u got from the dbase and the session id from request.getSessionId() of the browser. However, my prolem now is how to cleanup my database.. i need the cleanup coz i have a user tracking screen wherein i cud show who's account are login n who's not. I have created an applet and embed it in all of jsp files so that i cud catch the event for closing window whether by using the x button of the window or a power intrerruption. However, i need to find a way where i cud determine whether the event was really a close window or just a redirection from another page. I mean , you could leave the page either by viewing another screen or by actually closing the window.. For instance, my main page has main menu which are (1) View Users and (2) View Schedule .By default, im in the "View Users" screen . These two menus have their corresponding jsp n both jsp files have an embeded applet. So if the user click the "View Schedules " screen or if the user chooses to click the logout button or window's x button to exit the browser, then the applet will call the stop method. This what i meant by how will i determine if the user really exits on my application or not.. Coz if the user clicks from one screen to another then, user actually does not leave my application the user only exit on my application if the user logs out or close the window..
Please help me out on this matter... Thanks in advance!

Similar Messages

  • How to restrict the user(Schema) from deleting the data from a table

    Hi All,
    I have scenario here.
    I want to know how to restrict a user(Schema) from deleting the values from a table created in the same schema.
    Below is the example.
    I have created a table employee in abc schema which has two values.
    EMPLOYEE
    ABC
    XYZ
    In the above scenario the abc user can only fire select query on the EMPLOYEE table.
    SELECT * FROM EMPLOYEE;
    He should not be able to use any other DML commands on that table.
    If he uses then Insufficient privileges error should be thrown.
    Can anyone please help me out on this.

    Hi,
    kumar0828 wrote:
    Hi Frank,
    Thanks for the reply.
    Can you please elaborate on how to add policies for a table for just firing a select DML statement on table.See the SQL Packages and Types manual first. It has examples. You can also search the web for examples. This is sometimes called "Virtual Private Database" or VPD.
    If you have problems, post a specific question here. Include CREATE TABLE and INSERT statements to create a table as it exists before the policies go into effect, the PL/SQL code to create the policies, and additonal DML statements that will be affected by the policies. Show what the table should contain after each of those DML statements.
    Always say which version of Oracle you're using. Confirm that you have Enterprise Edition.
    See the forum FAQ {message:id=9360002}
    The basic idea behind row-level security is that it generates a string that is automatically added to SELECT and/or DML statement WHERE clauses. For example, if user ABC is only allowed to query a table on Sunday, then you might write a function that returns the string
    USER  != 'ABC'
    OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'So whenever any user says
    SELECT  *
    FROM    table_x
    ;what actually runs is:
    SELECT  *
    FROM    table_x
    WHERE   USER  != 'ABC'
    OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'
    ;If you want to prevent any user from deleting rows, then the policy function can return just this string
    0 = 1Then, if somone says
    DELETE  employee
    ;what actually gets run is
    DELETE  employee
    WHERE   0 = 1
    ;No error will be raised, but no rows will be deleted.
    Once again, it would be simpler, more efficient, more robust and easier to maintain if you just created the table in a different schema, and not give DELETE privileges.
    Edited by: Frank Kulash on Nov 2, 2012 10:26 AM
    I just saw the previous response, which makes some additional good points (e.g., a user can always TRUNCATE his own tables). ALso, if user ABC applies a security policy to the table, then user ABC can also remove the policy, so if you really want to prevent user ABC from deleting rows, no matter how hard the user tries, then you need to create the policies in a different schema. If you're creating things in a different schema, then you might as well create the table in a different schema.

  • How to restrict the user in MIRO for not modifying  price

    Hi All 
    My requirement is How to restrict the users in MIRO screen for not modifying Material Prices  of only the for specific  ROH types .
    For example :
    Valuation class             RM description
      3021                             RM - A
      3022                             RM - B
      3024                             RM - C
    when ever we procure  the above Raw materials A,B and C and
    the Quantity of each Raw material @ 10 units  and value @ 1 INR  for each unit
    RM - A procured qty 10 @1 total price is INR  10
    RM - B procured qty 10 @1 total  price is INR 10
    RM - C procured qty 10 @1 total  price is INR 10
    total price of PO is INR 30
    when we received invoice material prices are  assume it INR 1 is excess for each material.Now the invoice price for each RM has become INR 11.
    in MIRO we want restrict the user to change the price from INR 10 to 11.
    suggest the best possible ways to restrict in MIRO screen
    Thanks & Regards
    Mala

    Dear:   
                      Take help of ABABPER fo implement exit using INVOICE_UPDATE or MRMH0003 Logistics Invoice Verification: Revaluation/RAP exit. If this does not help then seek help of MM functional who will help you to find exit for the required task.
    rEGARDS

  • How to restrict the user from making any changes in Sales order- item level

    Hi to all
    How to restrict the users from making any changes in sales order at item level if the same sales order is released by senior user through status profile.
    Regards
    Anish Parikh
    Edited by: anish parikh on Jan 24, 2008 5:16 AM

    Hi Anish,
    This can be achieved through the roles and authorization.
    This can be done through the basis team. they can create user profiles and roles.
    For the roles they assign some transaction codes so that they can view the only assigned tr. codes.
    Like that ur requirement can be done.
    Also u can prevent the user to change any fields in the sales order screen (VA02). for that please modify the authorisations.
    Hope i answers.
    Reward points if useful.
    Edited by: kaleeswaran bhoopathy on Jan 24, 2008 9:57 AM

  • How to restrict the user to enter only numeric values in a input field

    How to restrict the user to enter only numeric values in a input field.
    For example,
    i have an input field in that i would like to enter
    only numeric values. no special characters,alphabets .
    reply ASAP

    Hi Venuthurupalli,
    As valery has said once you select the value to be of type integer,once you perform an action it will be validated and error message that non numeric characters are there will be shown. If you want to set additional constraints like max value, min value etc you can use simple types for it.
    On the project structure on left hand side under local dictionary ->datatypes->simple types create a simple type of type integer
    The attribute which you are binding to value property ;make its type as simple type which you made
    Hope this helps you
    Regards
    Rohit

  • How to restrict the user for re-submitting the same form

    Hi All,
    I would like to know, How to restrict a user for re-submitting the same page.
    I have a jsp page with submit button... and should not allow the user to save the same data again ..
    Anil

    Try the followings. If user disable cookies, this will not work. You need to modify to detect such situation!
    String processed = "mycooke";
    Cookie[] cookies = request.getCookies();
    Cookie c = null;
    if (cookies!=null) {
       for (int i=0; i < cookies.length; i++) {
           if (cookies.getName.equals(processed)) {
    c = cookies[i];
    break;
    if (c!=null) {
    // already processed.
    // send error message and exit.
    // set cookie;
    c = new Cookie(processed , "yourdata");
    c.setMaxAge(-1);
    response.addCookie(c);
    // process as it is the first;

  • How to Restrict a user to a access a particular table

    HI ,
    how to restrict an user to a one particular table and he should have only dispaly authorization for that , can anyone suggest me how to do this.

    Hi,
    Is it a standard table ? S_TABU_DIS (Client Dependant) and S_TABU_CLI (Cross client) are the the authorization objects that controls table maintenance. With Authorization group and activity 03, you can give user access only to Display.
    You can look at table TDDAT to find the authorization group of the table. If it is a custom table for which original t-code is SM30 ( You can look at SU24 to verify that) and it does not have authorization group assigned to it, then you can ask your developer to assign authorization group to the table using t-code SE54. then again make use of S_tabu_dis with activity 03 and Auth group as designed to restrict access.
    Also something to look for is Note 1481950 - New authorization check for generic table access using new auth object S_TABU_NAM. Remember Bernhard talking about it.
    Edited by: Nishant Sourabh on Oct 1, 2010 8:13 PM

  • Restrict AD users from login sharepoint?

    Dear all,
    I have setup User Profile Sync with my AD for particular AD group "Sharepoint Users" only. After the sync timer job run, I can see the user profiles built up. However, there is a user "outsider" not in "Sharepoint Users"
    group is able to login Sharepoint. After he login his user profile is auto built in Sharepoint.
    May I know is it default setting? If so how can I restrict only "Sharepoint Users" can login Sharepoint? Thanks.
    Mark

    Hi Mark,
    This is by design. When a user logs in to SharePoint, SharePoint checks to see if this user has permissions in the current site (or list/item). If the user has permissions, he can log in to SharePoint, it doesn't matter if he has a user profile or not.
    I think the user has permissions on the site he is trying to access. These can be permissions given to him directly, or he is member of a AD security group that allows him to access the site.
    You can check this by going to Site Actions -> Site Settings -> Site Permissions. In the ribbon, click "Check Permissions". Enter the username for that user and you can see how the user is given permissions to the site.
    Nico Martens - MCTS, MCITP
    SharePoint 2010 Infrastructure Consultant / Trainer

  • How to restrict the number of login attempts?

    Hi,
    Is there any "out of the box" solution to restrict the number of login attempts
    in personalization server?
    Thanks

    why is it obvious he wants to restrict instances
    of program, rather than instances in
    it? it's not obvious, but it's what I think he meant
    he asked "how to restrict the number of instances in
    a program". it has the words "instances" and
    "program" in it, but not the word "class". on face
    value, yes, he's asking about instances within one
    JVM. knowing a bit about how newbs minds work, I'm
    reading between the lines and I reckon he meant
    instances of his program. had he meant
    "instances of classes" he'd have said so. "instances
    in a program" sounds like somebody more experienced
    talking, which if he was, he'd know how to do limit
    either instances of classes or instances of
    his program, and wouldn't be asking. I could be
    totally wrong, but I don't think I am; that's what I
    inferred from his post. only the OP knows for sureInteresting.
    The OP also said "to any number". So you were guessing that this particular user wants to only permit, for example, five instances to be run on any one box at one time?

  • How to restrict a user typing a custom value in the dDocAccount field.

    I have dDocAccount field drop down pre-populated with 2 values - Dept1, Dept2. However, user can able to type any other values (say Dept3) in the account text box and checkin a doc from WCC UI. How to restrict user from entering custom values?
    As an alternate solution - for time being i have the above account field is set as hidden using rule. I am trying to derive the account value from another one field's value (say Departments field with values Dept1, Dept2). I tried below code and found working:
    Department is a custom field created as option list with values Dept1, Dept2
    Under the Rules, for the field dDocAccount, is derived field checked and added below code
    <$dprDerivedValue=#active.xDepartment, getValue("#local","dOption")$>

    Hi,
    If Department is a custom metadata then you should access it like xDepartment(as any other custom metadata), not dDepartment.
    I know it is also possible to change the HTML that is generated for the dDocAccount field, to add javascript validation and so on, maybe this approach plus some additional JS and HTML twists and you should get it working(via component development).
    Hope it helps,
    Vlad

  • How to Restrict the users in oracle applications

    Hi,
    I want to Restrict the users in oracle applications without using database
    can any one please expalin me how to resttrict the users using middletier
    Thanks
    Gita

    HI srini ,
    my application version 12.0.4 and database is 10.2.0.4
    and i want to restrict the No of users
    exp i have have 500 users and i want restrict to 100 only
    how can i do that please explain
    Thanks,
    Sudheer

  • How to restrict some users from viewing a screen of standard transaction

    Hi All,
    I need to restrict certain user ids from viewing the 'Payment Transactions' screen for the below mentioned transactions.
    FK01, FK02, FK03, MK01, MK02, MK03, XK01, XK02, XK03
    The Basis consultant has tried to configure it. However its not working. So need to find other solution.
    For all transactions other than FK01, MK01, XK01 (create vendor), the BAdi GOS_SRV_SELECT is called before the payment transaction screen appears. But for transactions FK01, MK01and XK0, no such BAdi is there.
    Also I'm not able to figure out how to restrict that particular screen using Badi GOS_SRV_SELECT. What will be the service name for this?
    Please help !!!
    Thanks in advance,
    Radhika

    hi,
    u can do this using user exits.
    identify the appropriate exit for ur transaction and thn put condition like
    if username = ...
    loop at screen.
    hide..
    endloop.
    i was just trying to give u some hint .make it to ur best.
    reward if hlpful.

  • How to restrict the user id to a specific company code?

    Hi,
    I want to restrict a user id to access a specific company code only for both customizing and application data creation. This means that the user id can do customizing and create application data for that company code only and not for any other company codes.
    how can i do this?

    Hello Raja,
    You requirement of restricting users for application data can solved by adding the company code in the organization level button and the user will be restricted to mainatin application (transaction) data for the org element for which he is authorized for, if the transaction has objects which check company code.
    Customizing data authorization can be very tricky, as most of the customizing transactions are for maintaining customizing tables will not necessarily have an authorization check for org elements. In this case you may to manually insert a object called S_TABU_LIN alongwith S_TABU_DIS it will perform the job of restricting authorizations.
    In cases where the end user is accessing tables directly with SE16 S_TABU_DIS is the object that is check and maintained in PFCG.But,Such a restriction cannot be made with S_TABU_DIS alone. Fortunately SAP provides us with another authorization object S_TABU_LIN (Authorization for Organizational Unit), which can be used in conjunction with S_TABU_DIS to enforce such a restriction.
    This authorization object works only with Maintenance Views and Customizing tables. Also note that an Organization Criterion is a prerequisite for implementing the same
    A detailed step by step procedure to be followed is given below:
    1. The first step in implementation of line authorization is defining an Organization Criterion. For this we need to access the u201CSAP Reference IMGu201D customization page from SPRO transaction.
    2. From the IMG display screen select SAP Web Application Server -> System Administration -> Users and Authorizations -> Line Oriented Authorizations. Select the execute ( ) button for the u201CDefine Organization Criteriau201D.
    3. The resulting table display show all available Org Criteria values existing in the system. For our purposes we will create a new Org Criteria to suit our needs. Select the tab u201CNew Entriesu201D as shown below.
    4. Give an appropriate name starting with Y or Z for the new value. Note that a name starting with another letter will not be accepted by the SAP system. Click on u2018Saveu2019 button to save the newly created Org Criteria. This opens a new window asking for a Workbench Transport Request. This would be required so as to transport the new Line authorization restrictions further to the test and production systems.
    5. Now select the new Org Criterion u201CY_TESTu201D and double-click the u201CAttributesu201D tab as below to define the various Org Attributes.
    6. Provide the new Attribute name and Description for the same. Also fill the Authorization field value from the provided dropdown (1st Org Criterion Attribute u2026. 8th Org Criterion Attribute). The search help field is an optional field which can be filled if a search criterion exists or has been created earlier for the specific purpose. This field enables the u201CF4u201D when filling entries in the authorization object
    7. We already have a search help (C_T001) available, which provides as an F4 help the list of all available Company Codes in the system.
    Note that we can create up to 8 Org Attributes as per our requirements (by selecting u201CNew Entriesu201D tab), each corresponding to a column in the target table.
    8. Selecting the attributes link again will show us a list of all defined attributes and the authorization Field it will appear in. Now that we have defined the Attribute Field that we require, we need to associate each attribute to the corresponding Table Field in the target table.
    Select one of the attributes as below and double-click on the u201CTable Fieldsu201D button to define the field associations.
    9. Select the u201CNew Entriesu201D tab to create a new table field association.
    10. The View/table field must be filled with the target table which we need to control.
    11. The u201CField Nameu201D will require the field name of the target table which be linked with the specific Org Attribute. Performing an F4 on this field will display the list of all possible fields available in the View/table provided earlier. Here we will select the field name BUKRS (Company Code). Save the entries in the same workbench request created earlier.
    12. The next step would be to activate this new Org Criterion so that SAP now checks the authorization for S_TABU_LIN for every user
    13. In the u2018IMG displayu2019 go to SAP Web Application Server -> System Administration -> Users and Authorizations -> Line Oriented Authorizations. Select execute ( ) button for the u201CActivate Organization Criteriau201D.
    14. From the resulting customization screen tick the check-box for the Org Criterion that we have created. On saving the settings the system then asks for a Customizing Transport Request for further transport into test and development systems.
    15. Any user without this authorization will not be allowed in to the SM30 display/change screen for this table.
    16. In the role for which the S_TABU_DIS provides maintenance access for the table , we will now also need to maintain the object S_TABU_LIN.
    17. On selecting change button besides any authorization field you will need to select the Organization criterion which needs to be maintained here. Note that only one Org Criterion can be maintained in one instance of S_TABU_LIN object.

  • How to access the User's login portal ID?

    Hi all,
         How to access the user's portal login id??
       Thanks,
       Anirudh.

    Hi
    Try this
    String loginuser="";
         try{
              IWDClientUser wdUser = WDClientUser.getCurrentUser();
              IUser user = wdUser.getSAPUser();
              if(user != null)
                   IUserAccount acct[] = user.getUserAccounts();
                   if(acct[0] != null)
                        loginuser = acct[0].getLogonUid();
                        strUserid = strUserid + acct[0].getLogonUid();
    }catch(Exception e){
    Kind Regards
    Mukesh

  • How to restrict the user from accessing other screens before submittingdata

    Hi All,
      I have some screens developed in Webdynpro ABAP and all these have been linked to Portal as pages. In Portal If i click on the link in detailed navigation i can see the corresponding screen on the right side. Now in one screen i have to input some data and submit the data, Now my problem is if i enter some data and before submitting the data if i click on any other link in the detailed navigation, that corresponding screen is opening and all the data of the previous screen is lost.
    Can any one suggest me, how can i restrict the user from accessing other screens before submitting the data of that screen from portal perspective.

    Hi Prasanna,
    The pages can be restricted from the user access by using the ACL permission or you can restrict the page by making invisible in navigation area which you do not want to show to the user . Open the page properties and select navigation category in the drop down and select the Invisible in navigation area property to yes.By default this property is No.Change the property for all pcd pages which want to hide from user access.
    Hope this helps you...
    Regards,
    Rudradev Devulapalli
    Reward the points if helpful....

Maybe you are looking for