Mailing List webobjects-dev@wocommunity.org Message #28
From: Jesse Tayler <webobjects-dev@wocommunity.org>
Subject: Re: [WO-DEV] Question about (not allowing) multiple simultaneous logins
Date: Wed, 3 Feb 2021 09:15:08 -0500
To: WebObjects & WOnder Development <webobjects-dev@wocommunity.org>

That’s an unusual request so without understanding why someone would require such a thing, the basic implementation is going to have the same properties...

You’ll need a toggle in your central store (database) for that user. This toggle must reliably know if there is a session open, and this you’d likely toggle in session awake and asleep when you have an authenticated user.

Of course, you’ll run into the possibility that your session is stuck, lost to the user (like, if you left a session open on your phone and have no idea, you’d get locked out which in most cases is a critical failure of your service!) or otherwise you ever lose track of that “off” part then your user would be locked out indefinitely and so on.

I think to understand how to approach that, you’d need serious details around the definition and purpose of the requirements because on the face of it, that’s just an idea that has serious consequences and it’s hard to imagine a value to balance that weight.



> On Feb 3, 2021, at 9:05 AM, Leigh Kivenko <webobjects-dev@wocommunity.org> wrote:
>
> Hello,
> Our application is currently built with WebObjects/WOLips and in some capacity, Wonder.
>  
> We are being asked to not permit multiple simultaneous logins for the same user (i.e., on different computers or using different browsers on the same computer).
>  
> Has anyone ever implemented something like this? Is there something that WebObjects provides out of the box or do we really need to build our own custom implementation?
>  
> Thanks,
>  
>  
>  
>  
> Leigh Kivenko | Chief Technology Officer
> t. 416-479-0523  |  e. leighk@portfolioaid.com
>
> PortfolioAid | website  |  linkedin  |  twitter
> 166 Pearl Street, Suite 200, Toronto, ON M5H 1L3
>
> 2020 WealthTech100 Company  |  2020 WP Awards Service Provider of the Year (finalist)
>
> This e-mail may be privileged and confidential. If you received this e-mail in error, please do not use, copy, or distribute, but advise me immediately
> (by return e-mail or otherwise), and delete the e-mail. PortfolioAid is committed to taking all reasonable measures to safeguard your confidential client
> information. When sending attachments and/or screenshots to the PortfolioAid Help Desk or other PortfolioAid personnel, we kindly remind you to omit,
> redact or securely protect any personally identifiable client information (e.g. name, address, SIN, date of birth, etc.)

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster