0 Replies Latest reply on Sep 3, 2008 4:17 PM by nimo stephan

    login User at most once time

    nimo stephan Master

      Hello,


      I have the following scenario:


      I have a login-site with username and password.


      Now, I open for example the Mozilla-browser and login with my username and password.


      All works. In the same browser, I cannot login twice as the Session is activ. That s okay!


      But when I open a other browser, for example, Internet Explorer, then I can login again, even when I have been looged in in the Mozilla-browser because a new Session (independently from the Session of Mozilla) begins. How can I avoid this? I want, that the same User can login at most once time, independently from which browser.


      I know, I can retrieve the Session via the Application-Scope and overwrite it with the newest one coming from the last login, but I do not know, if it is in conflict with some security constrain given in the SEAM.


      The method


      Session.instance().invalidate(); 



      can only invalidate the Session from the Client-instance revoking this method. Is there a other way achieving it with SEAM?