Welcome!

Silverlight Authors: Automic Blog, Michael Kopp, AppDynamics Blog, Kaazing Blog, Steven Mandel

Related Topics: Machine Learning

Machine Learning : Article

Rich Internet Applications: Tips, Tricks & Techniques

How to Avoid Multiple Per-User Sessions in Tomcat/JBoss

Usually, in a rich internet application (RIA), a user with a registered account can do two different logins from two different workstations and can maintain two concurrent sessions opened. In some applications we want to limit the users to one session per account, so we have to take countermeasures.

A simple method to check if a user is logged is to set a property in the current HttpSession; in this example in our login function we set

session.setAttribute("username", username);

If there is no username attribute, we will return an error to the user.
When someone starts a session with his account we have to check if there is already a session opened with that account. We can use an HashMap using the username as key and the session as value; obviously we have to use the same hashmap across multiple logins. A very fast and simple solution is to create a singleton that exposes operations on our hashmap:

public class MySessionManager {

private HashMap hashMap;

public boolean exist(String username) {
if(hashMap.containsKey(username)) {
return true;
}

return false;
}

public boolean addSession(HttpSession session) {
if(hashMap.containsKey(session.getAttribute("username"))) {
return false;
}

hashMap.put((YouthruCorpPrincipal)session.
getAttribute("username"), session);
return true;
}

public HttpSession getSession(String username) {
return hashMap.get(username);
}

public boolean removeSession(String username) {
if(!hashMap.containsKey(username)) {
return false;
}

hashMap.remove(username);
return true;
}

private static MySessionManager instance;


public static MySessionManager getInstance() {
if(instance == null)
instance = new MySessionManager();

return instance;
}

public MySessionManager() {
hashMap = new HashMap();
}

}

In our login function we have to check the existence of a previously created session with the same username, in that case we can logout the user associated with that session:

if(MySessionManager.getInstance.exist(username)) {
logout(MySessionManager.getInstance.getSession(username));
MySessionManager.getInstance.removeSession(username);
}

In this case the logout function takes as argument a session and log out from our application the user associated with that session, then we can do our login routine and at add the current session to the hashmap.

In this example we are checking only for sessions with a username attached, if we want to do some operation every time a session is created/destroyed, we can implement the HttpSessionListener interface:

Classes that implement this interface will be notified of session creation and destruction using the respective functions:

void sessionCreated(HttpSessionEvent se)
void sessionDestroyed(HttpSessionEvent se)

To receive notification events, the implementation class must be configured in the deployment descriptor for the web application; for example:


<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/
j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

<listener>
<listener-class>
myapp.security.MySessionListener
</listener-class>
</listener>
</web-app>

More Stories By Emanuele Tatti

Emanuele Tatti is a software engineer at Comtaste, a consulting company and solution provider for Rich Internet Applications (RIA) based in Rome, Italy, and operating internationally (www.comtaste.com/en). His areas of expertise are Flex, Livecycle Data Services, BlazeDS and Java for building enterprise applications. He has been involved in several projects especially related to the financial field and is also chief engineer for YouThruBiz, an innovative enterprise-class rich internet application which allows companies and recruiters to select human resources through multimedia job interviews and e-resumes.

His posts can be found at blog.comtaste.com

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and G...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
DXWorldEXPO LLC announced today that ICC-USA, a computer systems integrator and server manufacturing company focused on developing products and product appliances, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of ...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.