Ummm. first of all, I am not sure whether I am posting this query in the right section (!) Anyways, dear mods.. u guys are free to move it to the relevant section, just let me know tho!
So here goes.
Well, I have been sitting with this application for about 2 months now. Using the J2EE technologies, with Eclipse, Struts, Beans, Jboss (No surprise eh, yeah Sure!), & with hibernate too.
So all else is fine. I have designed a multi-login facility for this application of mine, working fine till now, and here is where the part of heling me out comes in the picture!
1. I need to "log" the different logins, their login times, names etc, after they are logged in the system, and similarly their logout times before their session is destroyed (or they log-out) which ever is earlier (i have set a session timeout of 3 minutes.)
2. I need to make sure that : even if the url of one of my module, say ABC module, is known to the user of the XYZ module, he or she cannot go to that module after login in. In short, no tresspassing is allowed!!
Guys, pls pls pls help me in doing this. I am completely new at this sort of a thing so all help is appreciable from my side.
MOreover, is an option available for this in the log4j api's?? I am using apache by the way...
I want to save these login attempts (both successful as well as unsuccessful ones) in such a format that the administrator can easily view them in an easy to read webpage format...showing the login user name, date, time of login, time for which he had been online etc...