I would recommend using a Session Listener in order to maintain the Map of
sessionIds->HttpSession objects manually:
http://www.java2s.com/Code/Java/Servlets/Servletsessionlistener.htm
--Lincoln
On Sat, Mar 13, 2010 at 2:35 AM, <webtier_at_javadesktop.org> wrote:
> Firstly, i would like to thank you for your reply...I know this information
> mate...it takes care of everything about session management but consider
> that scenerio:
> A user logs in to the system with a username and a password..And after that
> another user tries to logs in to the system with the same username and
> password but by a different browser than the first user uses or a different
> tab within the same browser...This case must not be allowed by the
> system...There is one information not known by the system at that point...
> which is the session of the first user is invalidated (due to time-out or
> his own will) or not...And also (as you know) the system can not use the
> second user's request to get the session of the first user so cannot
> determine whether the first user's session invalidated or not...
> I hope this scenerio is helpfull to explain my problem...
> Thanks for your future replies in advance...
> [Message sent by forum member 'ilitheblack' (gurcan.ilker_at_hotmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=391632
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: webtier-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: webtier-help_at_glassfish.dev.java.net
>
>
--
Lincoln Baxter, III
http://ocpsoft.com
http://scrumshark.com
"Keep it Simple"