Mailing List webobjects-dev@wocommunity.org Message #30
From: Christoph Wick <webobjects-dev@wocommunity.org>
Subject: Re: [WO-DEV] Question about (not allowing) multiple simultaneous logins
Date: Wed, 3 Feb 2021 15:38:00 +0100
To: WebObjects & WOnder Development <webobjects-dev@wocommunity.org>
 Message Header

Undecoded Message
I once had a similar requirement. I came pretty far by

1. implementing a lock in the database
2. making sure to remove the lock during logout
3. overriding Session's terminate() method, e.g.

public class Session extends ERXSession {

@Override
public void terminate() {
if (!isTerminating()) {
database.removeLockFor(currentUser);
super.terminate();
}
}

}

On 3. Feb 2021, at 15:15, Jesse Tayler <webobjects-dev@wocommunity.org> wrote:


That’s an unusual request so without understanding why someone would require such a thing, the basic implementation is going to have the same properties...

You’ll need a toggle in your central store (database) for that user. This toggle must reliably know if there is a session open, and this you’d likely toggle in session awake and asleep when you have an authenticated user.

Of course, you’ll run into the possibility that your session is stuck, lost to the user (like, if you left a session open on your phone and have no idea, you’d get locked out which in most cases is a critical failure of your service!) or otherwise you ever lose track of that “off” part then your user would be locked out indefinitely and so on.

I think to understand how to approach that, you’d need serious details around the definition and purpose of the requirements because on the face of it, that’s just an idea that has serious consequences and it’s hard to imagine a value to balance that weight.



On Feb 3, 2021, at 9:05 AM, Leigh Kivenko <webobjects-dev@wocommunity.org> wrote:

Hello,
Our application is currently built with WebObjects/WOLips and in some capacity, Wonder.

We are being asked to not permit multiple simultaneous logins for the same user (i.e., on different computers or using different browsers on the same computer).

Has anyone ever implemented something like this? Is there something that WebObjects provides out of the box or do we really need to build our own custom implementation?

Thanks,




Leigh Kivenko | Chief Technology Officer
t. 416-479-0523  |  e. leighk@portfolioaid.com

PortfolioAid | website  |  linkedin  |  twitter
166 Pearl Street, Suite 200, Toronto, ON M5H 1L3

2020 WealthTech100 Company  |  2020 WP Awards Service Provider of the Year (finalist)

This e-mail may be privileged and confidential. If you received this e-mail in error, please do not use, copy, or distribute, but advise me immediately
(by return e-mail or otherwise), and delete the e-mail. PortfolioAid is committed to taking all reasonable measures to safeguard your confidential client
information. When sending attachments and/or screenshots to the PortfolioAid Help Desk or other PortfolioAid personnel, we kindly remind you to omit,
redact or securely protect any personally identifiable client information (e.g. name, address, SIN, date of birth, etc.)


#############################################################
This message is sent to you because you are subscribed to
 the mailing list <webobjects-dev@wocommunity.org>.
To unsubscribe, E-mail to: <webobjects-dev-off@wocommunity.org>
To switch to the DIGEST mode, E-mail to <webobjects-dev-digest@wocommunity.org>
To switch to the INDEX mode, E-mail to <webobjects-dev-index@wocommunity.org>
Send administrative queries to  <webobjects-dev-request@wocommunity.org>


Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster