Preventing Multiple Logins

Similar Messages

• How to prevent multiple logins by using HttpBindingListener

  Hi,
  Can anyone tell me how do i actually use session to prevent multiple login from different machine? From my understanding, i need to use HttpBindingListener to valueBound and valueUnbound when user tries to login, but i encounter a problem is my session is always overwritten since i use setAttribute() method in servlet.
  For instance i use username(aaa & bbb) to login in two different machine, my login is always overwritten if i use username bbb to login after username aaa. i know it is because setAttribute() method overwrite existing session data, so i would like to know what other method should i use to achieve what i want, tks.

  Hi,
  This is the logic for session :
  Connect to db for verification, once verified, system return a UserBean and this UserBean will be set in ClientSecurityEngine
  When this particular user has been successfully verified, a new session will be created
  if(success)
      session = request.getSession();
      User user;
      synchronized(session)
      user = (User) session.getAttribute("user");                       
      if(user == null)
         user = new User(ClientSecurityEngine.getInstance().getUserBean().getUsername());
         session.setAttribute("user", user);
  /* User class */
  public class User implements HttpSessionBindingListener {
      private static Map<String, HttpSession> logins = Collections.synchronizedMap(new HashMap<String, HttpSession>());
      private String username;
      public User(String username) {
          this.username = username;       
      public String getUsername() {
          return username;
      @Override
      public void valueBound(HttpSessionBindingEvent event) {
          if (logins.containsKey(getUsername())) {
              HttpSession session = logins.remove(getUsername());
              if (session != null) {
                  session.invalidate();
              logins.put(getUsername(), event.getSession());
          } else {
              logins.put(getUsername(), event.getSession());
      @Override
      public void valueUnbound(HttpSessionBindingEvent event) {
          logins.remove(getUsername());
  }Edited by: EJP on 21/07/2011 14:22: added {noformat}{noformat} tags so we can actually read your code. Please use them.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

• How can i design my application to prevent multiple login

  i need to develop a new application which want to prevent multiple user login. How can i do that? if i put all userid in a stack/arraylist and set it global, then set a filter to check the stack each time, is it ok, or have another better solution to do that. Thanks.

  Your client application needs to contain a unique Session identifier and the server application needs to keep a mapping of these Session identifiers against the User that is logged in.
  Then if another client app trys to log in with the same User ID and it is not the same as the current logged in Session identifier for that User, you can deny them access.
  Make sure the client app has a mechanism for logging out the current User/Session identifier, by way of a button or event.
  Events may go as follows:
  1. User A logs in
  2. Server app creates Session ID 1.
  3. Client app is assigned Session ID 1.
  4. Server app maps User A to Session ID 1.
  then later
  5. Different user tries to log in as User A.
  6. Server app checks for Session ID.
  7. No Session ID exists.
  8. Not the same user - go away (or other instruction)
  or
  5. Original User A (from point 1) logs in again.
  6. Server app checks for Session ID.
  7. Client app sends Session ID 1.
  8. Server app checks mapping of Session ID 1 to User A.
  9. Success, User A is the original user - please continue what you're doing.
  How you implement the storing of the Session ID on the Client app is dependant on the type of app your building - Cookies for web apps or encrypted files for GUI apps. The same applies for storing the mapping of the User to the Session but a database is the easist route to follow.
  Hope this helps.

• Prevent multiple logins of the same user in portal

  Hi Experts,
  I have a requirement wherein I am needed to ensure that whenever a user tries to login to the portal, I should check whether this user already has a session active. If yes, I should not allow this user to login again. As in this user should not be able to login by opening a new browser window or by trying to login from some other system.
  However if there are no existing sessions for this user then allow her/him to log in.
  Is there any way I can achieve this by changing any parameters in Visual Admin / Config Tool or do I have to implement this functionality by making modifications in the masthead .par file?
  Best Regards,
  Saurabh Vakil.

  Hi Saurabh,
  you can do this by modifing the headerIview.jsp by using session variables.
  when a user logs into portal you have to keep his details in a session and check them everytime when he tries to login again.if it is not the first time then throw and error message
  you need to change the par file. code will be something like this
  session.setAttribute("user",request.getUser());
  if(session.getAttribute("user")!=null)
  And for preventing from backend -
  By changing the parameter - login/disable_multi_gui_login you can do this.
  Check below sap link - http://help.sap.com/saphelp_erp2004/helpdata/en/22/41c43ac23cef2fe10000000a114084/frameset.htm
  Regards,
  Sen
  Edited by: prodyut kumar sen on Dec 20, 2010 1:22 PM

• Multiple Logins - Same Browser Cookie Problems??

  Is there any Issues in which a User uses Tabs to Login (LDAP Authentication)?
  I have only a Cookie Name in the Cookie Attributes in Authentication Setup.
  I had multiple browsers opened and signed on an application. A :tx- row lock contention was evident..
  INSERT INTO WWV_FLOW_DATA ( FLOW_INSTANCE, ITEM_ID, ITEM_VALUE ) VALUES ( :B4 , :B3 , :B2 ||':'||:B1 ||':0:0')
  Can someone explain what happened here, and does multiple logins have to be prevented?
  Should I add a Cookie Path and Domain to prevent this?
  Thanks,
  Mike

  Mike,
  I need a more detailed scenario to follow. I'm not even sure you are saying that something did not work properly.
  FYI, cookies have no presence in session state.
  Scott

• Multiple Logins of single user

  How do we prevent a single user from multiple logins on IDM.
  If the user has already logged-in, IDM should prevent the same user when tries to login again.
  Thanks.

  This is really difficult to implement. The app server takes care of most of this session behaviour and we can have mulitple IDM instances in a setup which makes this really difficult.
  The other thing is how would you detect a second login? Does the second login come from the same IP or different IP? There are possible problems with all these scenarios.
  It is an oustanding enhancement to give you this option but it will not come soon.
  WilfredS

• Multiple logins on one computer - Different accounts, same picture...?

  Greetings,
  Since the iPhone 3.0 recently released push notifications, I decided to open an account for my wife that she could use on her iPhone. From what I understand, iChat now allows multiple logins on each computer.
  I set everything up accordingly, noted that I am the admin on this computer, my picture pops into my ichat name. If I then enable her account on the same computer, her login also pops up next to my window. This is working according to plan.
  However, if I try to change the picture on her ichat window it also changes on mine. What am I doing wrong here?
  Cheers...

  Hi,
  iChat can not display different Buddy Pics for different Buddy Lists.
  This may change with Snow Leopard.
  Click the iChat Menu and use the Feedback option and post your wish there.
  iChat can use one of 4 Buddy pics.
  You can set a Pic in the iChat Buddy List by clicking on the current one and using the edit features.
  If there is not one in the Address Book for yourself And this tends to be the one selected in System Preferences > Accounts > Your account although you can set them to be different (Three choices so far) it will default to one for the account type (A Running yellow man for AIM, A Blue Globe for @mac.com names and the Cloud for MobileMe names).
  Apple have tended to suppose that if two or more people are going to be using a Mac that there are then Mac User Accounts set up on the computer and therefore there is no issue with Buddy Pics.
  The iChat Buddy List is held on the AIM server (AIM names, @Mac.com [email protected] ones).
  Part of the process is that the local Buddy list compares this to the Address Book and Add the Real names you have entered.
  So only this name in the Address Book on that computer will show Real names if entered.
  You can Export the Address Book on one computer and Import on the other to get them the same. (Or Sync via MobileMe if you have an Account)
  You are getting in to the realms of your wife's Buddies being in your Address Book.
  Did I mention another Mac User Account ?
  10:31 PM Thursday; June 25, 2009

• Using a single iTunes library with multiple logins.

  I've setup my iMac to have multiple logins for everyone in my family. I'd like everyone to use the same iTunes library, though, so that all purchases and playlists can be seen and used by everyone. I have it so that everyone has the same files, but not the same library. That is, the playlists don't come through on the other logins, and purchases made from one login don't translate to another.
  I'm not trying to rip anyone off, I just want my whole family to have the same library.
  Is this possible?

  padrepablo wrote:
  Thanks much, but I've done that. That method shares FILES but not the LIBRARY
  Then you missed a step or two.
  The steps above share the entire iTunes library (media, artwork, playlists, library file, Genius files, everything).
  In the Music/iTunes folder on everyone's login is a file called iTunes Library.itl.
  Yes, and holding Option and selecting Choose library allows you to select which iTunes library you want to use.
  THAT is the file I want to share, but I can't seem to move it.
  The steps above will do exactly what you want.
  All users will use the exact same iTunes library.
  You need to hold Option and select Choose library (notice is says, "Library").
  Once you copy your /Music/iTunes/ folder to /Users/Shared/ folder, everyone can delete /Username/iTunes/ folder.

• Multiple logins on one account...

  Is there any way to have multiple login/passwords connect to the same account in the Room Console?
  Is the login/password tied to a particular account URL? Or can I setup two accounts to access the same account URL?
  thanks
  -sandy

  hi Nigel,
  We have multiple developers working on a project and the Room Console is a great asset in debugging. Right now we are just sharing one login, which isn't ideal, but isn't the end of the world either.
  I think the best solution is probably to build out the Local Server so that it has a RoomConsole. (And can be instantiated from AS3 for unit tests.)
  What is the workflow that you guys use for development? Do you use the LocalServer or do you use a server? Or do you have some internal tools that you haven't shared yet?
  -sandy

• How to prevent multiple users from updating the same data in coherence

  Hi,
  I have a Java Web Application and for data cache am using coherence 3.5. The same data maybe shared by multiple users which maybe in hundreds. Now how do I prevent multiple users from updating the same data in coherence i.e. is there something in coherence that will only allow one user a time to update. If one user is in a process of updating a data in coherence and some other user also tries to update then the second user should get an error.
  Thanks

  I have a question on the same line. How can I restrict someone from updating a cache value when I a process is already working on it. I tried locking the cache key but it does not stop other process to update it , it only does not allow other process to get lock on it.

• Prevent multiple users from editing/approving the same form SPD 2013,SP 2013

  Hello all, I have a workflow with a to do task, the task is assigned to a group so any of the users in that group can go in and do a quality check on form data and approve it.  How do I prevent multiple users from working on the
  same form? do I just require check out? or is there a way to notify the rest of the group that a user has already started the quality check.

  The "Require Checkout" option is your best bet.  You can also enable the auto checkout on edit option to allow minimal effort on the side of the user.  Other users will then get the error message stating the item is checked out, if they try to
  edit it.
  If you'd like, you could add a workflow to the task list that triggers when something is changed.  That workflow can check if the item is checked out and if so, email the other users assigned to the task.
  I trust that answers your question...
  Thanks
  C
  |
  RSS |
  http://crayveon.com/blog |
  SharePoint Scripts | Twitter |
  Google+ | LinkedIn |
  Facebook | Quix Utilities for SharePoint

• Prevent multiple users from updating coherence cache data at the same time

  Hi,
  I have a web application which have a huge amount of data instead of storing the data in Http Session are storing it in coherence. Now multiple groups of users can use or update the same data in coherence. There are 100's of groups with several thousand users in each group. How do I prevent multiple users from updating the cache data. Here is the scenario. User logs-in checks in coherence if the data there and gets it from coherence and displays it on the ui if not get it from backend i.e. mainframe systems and store it in coherence before displaying it on the screen. Now some other user at the same time can also perform the same function and if don't find the data in coherence can get it from backend and start saving it in coherence while the other user is also in the process of saving or updating. How do I prevent this in coherence. As have to use the same key when storing in coherence because the same data is shared across users and don't want to keep multiple copies of the same data. Is there something coherence provides out-of-the-box or what is best approach to handle this scenario.
  Thanks

  Hi,
  actually I believe, that if we are speaking about multiple users each with its own HttpSession, in case of two users accessing the same session attribute in their own session, the actually used cache keys will not be the same.
  On the other hand, this is probably not what you would really like, you would possibly like to share that data among sessions.
  You should probably consider using either read-through caching with the CacheLoader implementor doing the expensive data retrieval (if the data to be cached can be obtained outside of an HTTP container), or side caching with using Coherence locks or entry-processors for concurrency control on the data retrieval operations for the same key (take care of retries in this case).
  Best regards,
  Robert

• Multiple logins - can they access the same iTunes library?

  I have multiple logins on my Mac with Leopard. Our families iTunes library resides on my account. I set up separate accounts for them to protect my documents and such. However, when they launch iTunes, the library is blank. Can I point them to the library on the main account somehow so we don't have duplicate files.

  Have a look at this page: iTunes: How to share music between different accounts on a single computer

• How to see, if some user has done multiple login at the same time

  Hi,
  i'm looking for a tcode to see, if some user has done multiple login in a date-range.
  Regards, Dieter

  It is also dependent on your license type, as it is populated at logon - prior to any Z-coding option - which will cause a lockout if attempted an access that way.
  I recently found a cool way to detect DB triggers and updates - very obscure...
  However I also "move around" during support in projects and don't always want to kick myself out. I guess SAP can "work-it-out" from the various fields of the table to map the user behaviour.
  Personally I dont believe that all of such information is appropriate for public domain, as all the SAP_ALLers out there combined with the types of authentication options are not always responsible with the information either.
  Thankfully, SAP has added a "salt" to the password hashes now. They offer RZ11 login/password_downwards_compatibility as a workaround...
  Take a look in your system!
  Cheers,
  Julius

• IOS 8 - iCloud Keychain with Multiple Login Accounts for a Site

  I use iCloud Keychain to store multiple login accounts for a single website.
  When using Safari on a Mac, the last login account I used for that site is prepopulated in yellow fields. If I want to change the login account, I clear the field with the login ID and I see a dropdown of all of the login accounts available for that site.
  When using Safari on iOS 7, the last login account I used is prepopulated (just like with the Mac), but if I want to use a different login account, I need to enter enough characters in the login ID field for Safari to know which login account I want to use and then it autofills using that account.
  Now, with iOS 8, all I get is the last login account I used. I can't figure out how to autofill any of my other login accounts for that site.
  I'm pretty sure I'm doing something wrong, but I can't figure it out. Any suggestions would be appreciated.
  Thanks.
  Mike

  Mike:
  Did you ever find a solution for this? I just noticed the same behavior.
  -emde