All geek questions in one place

Maximum number of users for a web application

In my web application, I need to limit the maximum number of users accessing my web application. None of the users are configured in a separate properties file. I created the HttpSessionListener interface to track different users, but the problem that is worth it is that one user can request the use of several browser instances, and the number of users will increase by 1, even if the same user with a different browser instance. I need to count users based on a different IP address or another unique parameter.

+6
source share
5 answers

Perhaps you can use session cookies - if the new connected user does not have a session cookie, give them one and increase the counter, otherwise do not increase the counter.

+3
source

You cannot know whether the same user is using different instances of the user, and also does not know if the user is using two different computers, etc.

You can limit the maximum number of open sessions for each user, but note that a cookie is only a serial number that can be entered into another browser instance as a header. If the user is located on the same subnet, you cannot even distinguish this case from it by the IP address.

I mean that everything that reaches the client’s area is in no way subject to your control. Therefore, I am sure that although you could add some obstacles, you can never control it.

In any case, here are some obstacles:

  • Limit entry to only one.
  • Session cookies, domain cookies, hidden text input field.
  • A Java applet that does something weird (like getting a local IP address from subnets or other information if allowed).
  • A flash program that does something weird.
  • Tracking remote IP address.
  • Combination of the previous.
+2
source

Hide your webapp behind the login form and limit the number of users.

+1
source

This is a real problem, not just for you.

For example, HP Quality Center works like this: they count the number of currently active logins. If the concurrent login limit is available, you cannot log in with a new login name.

It works very well.

But if you use a login that is already connected, you can use the application. Thus, two users who use the same login can work at the same time.

Still a good solution that you can think of and not too difficult to develop.

0
source

This must be the craziest problem I've ever encountered, and the top of the cake is

I created an HttpSessionListener interface to track different users, but the problem is that one user can request the use of several browser instances, and the number of users increases by 1, even if the same user with a different instanc browser

Seriously?? Who even came up with the requirements. The problem that you need to solve is an insane demand, and seriously, do not implement crazy things just because the BA was embarrassed and did not do its job.

0
source

Source: https://habr.com/ru/post/887385/

More articles:


All Articles