-
FEATURED COMPONENTS
First time here? Check out the FAQ!
how can I limit the application to only allow one single session in one Tab ,
my application current will redirect to after logged in page if user opens a new tab / window.
any suggestion on how to accomplish this ?
Hi,
I think you can't do it.
Ref:
http://stackoverflow.com/questions/368653/how-to-differ-sessions-in-browser-tabs
why will "opening a new tab" redirect to after-logged-in page?
no.
redirect is browser's action, and forward is server's action. but they don't create a new session in the same browser.
Its is generally possible to disable multitab usage of your app, see ex. http://stackoverflow.com/questions/11652861/java-ensure-web-application-open-only-in-one-browser-tab
The solution is simple: setup a random session variable at successfull login, send it in each HTTP Response if it is present in the HTTP Request (or the request was the login request), and deny the Response otherwise. (It makes possible only navigating within your app using your own navigation, but impossible to switch to an other page inside the app using a direct URL.
The only questions is: how to force ZK (on the client side) to send this property with each request.
You can use a simple ServletFilter to check each request on the server side.
Asked: 2012-05-16 16:59:24 +0800
Seen: 262 times
Last updated: Jul 28 '16