This discussion is archived
1 2 Previous Next 20 Replies Latest reply: Mar 25, 2013 1:09 PM by VC Go to original post RSS
  • 15. Re: Deny multiple simultaneous authentication for a single user
    Stefano_i0600006 Newbie
    Currently Being Moderated
    Hi vc,
    the solution you have explained very accurately is exactly what I wanted to do! :)

    I hoped that there was already a mechanism native of Apex to handle this situation.

    But I thought to test the existence of active sessions in my table in a authentication's scheme sentry function instead of a process 'on load before header'. In this way if the sentry function return false, the current session should be closed automatically.

    Thanks for your help.

    Stefano
  • 16. Re: Deny multiple simultaneous authentication for a single user
    VC Guru
    Currently Being Moderated
    Stefano_i0600006 wrote:
    Hi vc,
    the solution you have explained very accurately is exactly what I wanted to do! :)

    I hoped that there was already a mechanism native of Apex to handle this situation.

    But I thought to test the existence of active sessions in my table in a authentication's scheme sentry function instead of a process 'on load before header'. In this way if the sentry function return false, the current session should be closed automatically.
    Yeah that will also do, I just gave an idea and yes its better to use page sentry if you can.

    Vikram
  • 17. Re: Deny multiple simultaneous authentication for a single user
    VC Guru
    Currently Being Moderated
    And I also suspect that APEX_AUTHECNTICTATION.LOGOUT will close the other sessions as well provided with a valid session id, because the first parameter is session id. I never tried it though ;)
  • 18. Re: Deny multiple simultaneous authentication for a single user
    Stefano_i0600006 Newbie
    Currently Being Moderated
    Hi jeff,
    Your solution maybe even more simple and does not require an additional table in the application.
    The only valid session for a user will always be the most recent one, while the other are rendered unusable by the authorization scheme (even if the sessions are not actually closed).
    However, if the user closes the last active session, it automatically re-enables the previous session. This may be confusing to the user.


    Thanks to you for your help.
    Stefano
  • 19. Re: Deny multiple simultaneous authentication for a single user
    Stefano_i0600006 Newbie
    Currently Being Moderated
    VC wrote:
    And I also suspect that APEX_AUTHECNTICTATION.LOGOUT will close the other sessions as well provided with a valid session id, because the first parameter is session id.
    I also thought, why not also make sense the first parameter session_id.
    But I did a test and an application session can only kill his session ... : |

    The thing I was not very clear ...

    Stefano
  • 20. Re: Deny multiple simultaneous authentication for a single user
    VC Guru
    Currently Being Moderated
    Stefano_i0600006 wrote:
    VC wrote:
    And I also suspect that APEX_AUTHECNTICTATION.LOGOUT will close the other sessions as well provided with a valid session id, because the first parameter is session id.
    I also thought, why not also make sense the first parameter session_id.
    But I did a test and an application session can only kill his session ... : |
    ok, so it can only close current session. the above functionality should be a clean solution for now
1 2 Previous Next

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points