CODEWITHSUNDEEP
javajavascriptjspservlets
user1635967
user1635967

Reputation: 39

How can we call logout servlet on internet disconnection or if user closes tab/browser?

i want to avoid concurrent login with same username and password, for this i have set a isloggedin option in database, if user logs in it will become '1',so with that username and password he can't login again, if he calls logout it will become '0' so he can login. everything is fine,but iam having problem when net disconnets or when user closes the tab. he cant login because isloggedin is set to '1',it should be avoided by setting it to one that means it should call logout servlet.how can i acheive this?

Upvotes: 3

Views: 1243

Answers (5)

Shurmajee
Shurmajee

Reputation: 1047

There is no technique to surely notify the web server when the user closes the tab or browser. following techniques may help you to terminate the user session after they are gone.

  1. configure session-timeout in web.xml.
  2. Set the age of cookie(if you are using any) equal to -1.So that it is deleted when browser closes.
  3. You may have have a java script which sends some data(heartbeat) regularly to the server indicating that the session is active. (but this will keep the session active even if the user is idle for a long time)

Upvotes: 3

Jithin V Kunjachan
Jithin V Kunjachan

Reputation: 11

Instead of using a DB flag its better to use a List in server as a global parameter and add the username to this. So whenever user trys to login add the parameter to the List. Then if the user again trys to login to the session check in the List whether that username is available, if available remove from that session.

If using a DB it can cause DB overload. Keep DB free

Upvotes: 1

pap
pap

Reputation: 27614

There is no consistent or 100% reliable way to detect disconnect/close browser, it's simply not addressed in the HTTP protocols. As has been mentioned, you can get a bit on the way with Javascript (body onunload), but that does not cover all scenarios and is not consistent across browsers.

The short answer here is that you should not design your system to rely on being able to detect the moment a user leaves your site (disconnect/navigate away/close window) since you can't.

Upvotes: 0

vicky
vicky

Reputation: 940

you just need to call a javascrip function on browser closing. you can add logic there to alter the session or restrict the user to close the window. its all upto you. here is some reference code to guide you 

<html><head><title>Example</title>
<script language = "JavaScript">
function abc()
{
statements...
}
</script></head>
<body ONUNLOAD = "abc()">
</html>

Upvotes: 0

dan
dan

Reputation: 13262

You should use spring-security for authenticating the users. Besides other benefits, you will be able to control how many concurrent logins will be allowed too, see 'Concurrent Session Control' from: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ns-config.html This way once the user will invalidate the session (by using a logout action) or by closing the browser page (you can catch that even too, see onbeforeunload event), even if the session will timeout because it's idle too much the spring-security framework will handle all the cases for you. This way you will not need to maintain that db value anymore.

Upvotes: 2

Related Questions