on 12-20-2010 10:06 AM
Hi Experts,
I have a requirement wherein I am needed to ensure that whenever a user tries to login to the portal, I should check whether this user already has a session active. If yes, I should not allow this user to login again. As in this user should not be able to login by opening a new browser window or by trying to login from some other system.
However if there are no existing sessions for this user then allow her/him to log in.
Is there any way I can achieve this by changing any parameters in Visual Admin / Config Tool or do I have to implement this functionality by making modifications in the masthead .par file?
Best Regards,
Saurabh Vakil.
Dear Saurabh,
I have got confirmation from SAP on this.
Due to technical reasons this is not possible. As HTTP is a stateless
protocol, the server has no control over the user session. In fact the
server does never know whether the user is still logged on or not.
Hence it is not possible to avoid multiple logons.
Regards,
Shreyas Pandya
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Marj,
We got below confirmation from SAP in the support incident we had raised. We don't have any document specifying the same.
Due to technical reasons this is not possible. As HTTP is a stateless
protocol, the server has no control over the user session. In fact the
server does never know whether the user is still logged on or not.
Hence it is not possible to avoid multiple logons.
Regards,
Saurabh
Hello Saurabh,
You may check SAP Note 2052515 - Multiple logins for the same user on the Enterprise Portal for reference
Hi Saurabh,
you can do this by modifing the headerIview.jsp by using session variables.
when a user logs into portal you have to keep his details in a session and check them everytime when he tries to login again.if it is not the first time then throw and error message
you need to change the par file. code will be something like this
session.setAttribute("user",request.getUser());
if(session.getAttribute("user")!=null)
And for preventing from backend -
By changing the parameter - login/disable_multi_gui_login you can do this.
Check below sap link - http://help.sap.com/saphelp_erp2004/helpdata/en/22/41c43ac23cef2fe10000000a114084/frameset.htm
Regards,
Sen
Edited by: prodyut kumar sen on Dec 20, 2010 1:22 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Please refer to this blog [How to Limit the Number of Users Logged on to your Portal / WAS|http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/5420] [original link is broken];.
Regards
Puneet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The blog you posted is about limiting the overall number of logged on users (ex: limit: 500 users) and sadly not about how to prevent that 1 user logs on 2 or more times.
If this isn't a feature recently introduced to the portal it is not possible by standard, and I'm not sure how to prevent this in a (clustered) portal environment: the UME is offering a logged on/off timestamp functionality:
setLastLogoutDate
getLastSuccessfulLogonDate
But when the user is simply closing the browser I doubt that this will work. I suggest that you code your own application that simply stores and updates the user ID on a regular basis - like 5 minutes - and your logon servlet checks if the logon is valid or not.
br,
Tobias
User | Count |
---|---|
78 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.