how to reject login if the user has already logged on in other browser tab??

guido_valli · February 14, 2013, 5:46pm

Could display a Error message for this and block the complete portal?

system · February 14, 2013, 6:03pm

I would advise against doing that since it would be very difficult to do reliably and there is no real security benefit from limiting the number of active user sessions.

guido_valli · February 14, 2013, 6:38pm

I have a problem

when a user attempts to modify two different instances of the same app the data is corrupted and mixed both instances

system · February 14, 2013, 6:52pm

I don’t think restricting login is the right solution for that problem. For example, if the user closes the browser without logging out (or the browser crashes), the session is still alive on the server until it times out. If you have code that restricts the login if the user is already logged in, then the user would not be able to login again until the old session times out (30 minutes by default).

Perhaps you could broadcast a custom event when something is modified in another session. Then listen for that event and auto-refresh the portlet (or notify the user with an alert).

guido_valli · February 14, 2013, 6:58pm

Thanks Eric for your answer!

How I can I know if a change is made in another session?

system · February 14, 2013, 7:10pm

I don’t really know enough about your application to comment on when the app data has changed.

Presumably, when the user hits the save or apply button to persist the changes, you could raise an event at that point.

guido_valli · February 14, 2013, 7:17pm

Is it possible to check if the user has more than one session open?

also able to show an alert message in the app initialize and hide all components of this

system · February 14, 2013, 7:24pm

There is probably a way to check that, but in the end you would have the same problem as with restricting logins. How would you know which session is the one that should be allowed to edit the app data?

guido_valli · February 14, 2013, 7:30pm

In the first session the application runs normally

if you are logged hidden all components from the render with a boolean variable read in Initialize()

Could it work?

system · February 14, 2013, 7:36pm

I can’t see how that could work reliably. It would get confusing if the user refreshes the page to determine which session is allowed to edit.

guido_valli · February 14, 2013, 7:51pm

I’m blocked, I can not think how to do this

users work with multiple browser tabs and I have no way to block or prevent