0

When ever a user loggedIn to my application , I am saving the loginStatus as"LoggedIn" in Database for that user .(So multiple login cant take place from different computers).

It works fine for me , But in 1 scenario i am facing issue .

If a user just leave his pc and go away , Now he's trying to login from an other pc . But his loginStatus in db is still "loggedIn".So he is unable to login from other pc until and unless he go to the other pc(where he was previously loggedIn) and log himself out.

Anyway i can handle this , Ideally if there is a way of Loggingout User Automatically from previous pc/browser when ever he tries to attempt from some other location.

I call this method when user clicks on LOGOUT link, which makes session invalid , and also make a call to db.. What i want is to make a call to this method When there is an inactivity for lets say 2 minutes,Or user simply close his browser (Without LogginOut)

          public String logOut() throws Exception {
    System.out.println("inside server");
    User user = (User) session.getAttribute("user");
    logoutFromDb(user);// call to db
    session=getThreadLocalRequest().getSession(true);
    session.invalidate();
    System.out.println("invalidated");

Trying this 

           DateTime lastAccessedTime = new DateTime(session.getLastAccessedTime());
    DateTime currentTime = new DateTime();
    Minutes diff =  Minutes.minutesBetween(currentTime, lastAccessedTime);
    if (diff.getMinutes()>1){
        logOut();

But lastAccessedTime is having the time when the code came to this line itself last time

this line:

         DateTime lastAccessedTime = new DateTime(session.getLastAccessedTime());

So it not giving the actual time when User did some thing , Instead it give me the time when this line was called..

junaidp
  • 10,801
  • 29
  • 89
  • 137
  • How will you know its the same person logging from different machine? However you can set some timer to auto log out after some time if no action is been taken. – Smit Oct 23 '13 at 18:42
  • I will take his credentials to db and check if his loginStatus is "LoggedIn", which i did set on his first successful login. So if the loginStatus for that user is "LoggedIN", I will simple not allow him to login. Please let me know whats the way of checking if there no activity, Thats what i am after – junaidp Oct 23 '13 at 18:48
  • This is waht I have found closest to your situation. [Session management in the gwt](http://stackoverflow.com/questions/5831692/session-management-in-the-gwt) – Smit Oct 23 '13 at 18:55
  • I use , session.setMaxTimeInterval(); But the db status remains there , I want to make the db status as loggedOut as well, if there is inactivity – junaidp Oct 23 '13 at 18:55
  • I have never implement this but if you can show your code snippet then it could help to resolve your issue. However are you changing DB status once the timer reached? – Smit Oct 23 '13 at 18:58
  • NO , Thats the Point. I want to change the DB Status when time reached , If you can give me some idea on that.I am updating my Question snippet , please have a look – junaidp Oct 23 '13 at 19:03

1 Answers1

0

One way of handling this is to have a last activity column in the table where you are storing the login status and populate this value with timestamp of last user activity. You can have a job which runs on a predefined interval which will set the status to "loggedOff" by calculating the different between current time and last activity time.

Karthik
  • 1,005
  • 8
  • 7
  • i am using session.lastActivity method , But it gets the last time when i call this method itself ("session.lastActivity"), please review my updated Question – junaidp Oct 23 '13 at 19:08