2

I must ensure unique session for my application so if user login to my application by Chrome browser and then login by Firefox browser, my application must notice user that there is other opened session.

Now I set my bean as ApplicationScope managing in login method this information:

FacesContext context = FacesContext.getCurrentInstance();
context.getExternalContext().getApplicationMap().put("userCode" + userCode, user.getUserCode());

so when user login with other browser, my application compares userCode with

context.getExternalContext().getApplicationMap().get(userCode)

If userCode exists then:

context.getExternalContext().getSessionMap().clear();
context.getExternalContext().invalidateSession();

but is not enough because first session is still valid. Is it possible destroy all session among browser?

ForguesR
  • 3,558
  • 1
  • 17
  • 39
Diaboliko
  • 231
  • 1
  • 5
  • 21
  • Better is to prevent the new user to be able to start a new login. Much easier to keep track of! – Kukeltje Mar 10 '16 at 17:31
  • @Tiny: no, a sessionlistener will help here. It will do the 'logout'. And if that is not enough, a 'force logout' can simply be added by requesting to send an email with a 'force logout', like a password reset... Very often code for the latter is already available and can be re-used – Kukeltje Mar 10 '16 at 18:28
  • Thanks a lot to all. – Diaboliko Mar 11 '16 at 08:02
  • For what? do you have a solution? Care to share it? – Kukeltje Mar 11 '16 at 18:59
  • Possible duplicate of [How to invalidate an user session when he logs twice with the same credentials](http://stackoverflow.com/questions/2372311/how-to-invalidate-an-user-session-when-he-logs-twice-with-the-same-credentials) – ForguesR Mar 11 '16 at 19:23
  • I think that solution you suggest to use database... – Diaboliko Mar 14 '16 at 08:45
  • No you don't need a database to implement this solution. – ForguesR Mar 14 '16 at 13:41
  • I think to store login information on database and then check user login... otherwise how can I do?!? – Diaboliko Mar 15 '16 at 08:42

0 Answers0