Ricardo, I can't think of any easy way to do that strictly within JAAS, but you didn't write if you were using JAAS.
If you are using an Account object (of some sort) in the Session context, here is an idea for you: Have an application-scope object containing a map of usernames (or id numbers). The object returned is a reference to the Account object in that user's session. If you login a second time, reset the stored Account object to a blank user and/or blank id number so no actions will work with that ID number, then put the newly logged-in users's Account object in the map instead. You could design your own RequestProcessor.processRoles() method to see if the Application context as an Account object for that user with a blank user or blank id number then kick out a message explaining that the account has been logged off due to a login from another location or for another session. That would provide a more polite explanation of why the user was logged out, rather than him/her simply losing their session for unknown reasons. If you're using JAAS, this could work in conjunction with it depending on how you code it. Regards, David -----Original Message----- From: Ricardo Andres Quintero [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 28, 2004 3:04 PM To: [EMAIL PROTECTED] Subject: Not Logged in with the same loggin-password if it is already registered. Hello Guys I need not to let users to login in my app simultaneosly. I mean if a login-password is actually logged in, i need to invalidatye that session and then let the new login-password to work in, after invalidating the old session. Any ideas? and of course any examples? -- Ricardo Andrés Quintero R. Ubiquando Ltda. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
