I am handling users login in this way :
@ManagedBean
@SessionScoped
public class Logincontroller implements Serializable{
String username;
String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public void setSessiontimedisplay(boolean sessiontimedisplay) {
this.sessiontimedisplay = sessiontimedisplay;
}
public Logincontroller() {
}
public String Login() {
try {
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
request.login(username, password);
return "/profil/Homepage.xhtml?faces-redirect=true";}
} catch(Exception e) {
this.groupname="";
this.username="";
FacesContext.getCurrentInstance().addMessage(null, new FacesMessage(FacesMessage.SEVERITY_ERROR,"Either Login or Password is wrong", ""));
}
return null;
}
public String logout(){
FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
return "/login?faces-redirect=true";
}
JSF PAGE CODE :
<f:facet name="header"> Users connections</f:facet>
<h:outputLabel for="username" value="username " /><p:inputText id="username" value="#{logincontroller.username}" />
<h:outputLabel for="password" value="password" /> <p:inputText id="password" value="#{logincontroller.password}" type="password"/>
<f:facet name="footer">
<p:commandButton value="Connexion" icon="ui-icon-check" style="margin:0" action="#{logincontroller.Login()}" update="@form"/>
</f:facet>
</p:panelGrid>
The problem that i have is users can be connected with the same username in other browser or in an other machine and i want that username can be opened just in one single window . Why my class isnt handling this and what i need to add to Prevent multiple users login with same username and password ?