Disabling Multiple login of a user
I have an application where in a user Id should not be used by more than one person to log in at the same time.
What I mean is that at any given point of time, if a person is logged in to the application, with say user id "myself002", then another person should not be able to log in using the same credentials.
This applies if the person trying to log in from another machine or the same person is trying to log in the application using two different browsers.
One approach to achieve this is keeping a flag in the DB and before letting the user gain access to the application, check the flag.
Since I am using LDAP for authentication, this approach would be a bit costly in terms or performance. Also my client does not want to store any session information in the DB or LDAP.
I am thinking if somehow we can get the session Id created by WebLogic Application Server. Since each user would be associated with a unique session Id, we may then be able to control who is logging in. Also we may also be able to invalidate the session.
Can someone help me on the same? Its' kind of urgent, so any help would be great.
I hope I am clear on what problem I am facing and what I want.
