1

Good day,

For example, mostly in banking website. After user log in to the website, the website normally will prevent the user to right click and open in new tab.

User still can copy the url and paste it into new tab and browse it. And I saw some of the banking website will automatically log the user out if user doing this.

Would like to know how the system detect the user browsing the same application in new tab. (I am doing Java Web Application using Stripes framework)

Kindly advise.

Panadol Chong
  • 1,793
  • 13
  • 54
  • 119

2 Answers2

0

HTTP is a stateless Protocol, session and cookies can't help you with your goal. I suggest you to try websocket or other way to make a comet type communication with clients.

GoForce5500
  • 111
  • 1
  • 7
0

To disable duplicate Tab, one approach would be like this:

  • For valid credential from Login page, add hidden <input name="tabId"> field cotaining a tab Id (something Random number generated at server side) to home Page.
  • After login, for each request send hidden <input name="tabId"> field value as current Tab id.
  • Each time a request came, you have to find the value of hidden <input name="tabId"> field, if the value is null/blank then redirect it to Login Page.
rev_dihazum
  • 818
  • 1
  • 9
  • 19
  • Hi, its quite hard for me to change the exsiting design. If I change the type of communication to AJAX, it affected whole system. – Panadol Chong Apr 18 '16 at 06:19
  • @PanadolChong, I have modified my answer with another approach. see this and feedback me. – rev_dihazum Apr 18 '16 at 07:06
  • I am still not so understand. First step and second step I can get it. At the third step, do u means that If I browse the same url in another tab, it will send request with blank tab id value? – Panadol Chong Apr 18 '16 at 07:40
  • @PanadolChong 3rd point: for each request you have to find the value of ```` is blank or not? if blank then you treat it a new TAB request – rev_dihazum Apr 19 '16 at 11:23