Skip to Content

Prevent multiple logins of the same user in portal

Hi Experts,

I have a requirement wherein I am needed to ensure that whenever a user tries to login to the portal, I should check whether this user already has a session active. If yes, I should not allow this user to login again. As in this user should not be able to login by opening a new browser window or by trying to login from some other system.

However if there are no existing sessions for this user then allow her/him to log in.

Is there any way I can achieve this by changing any parameters in Visual Admin / Config Tool or do I have to implement this functionality by making modifications in the masthead .par file?

Best Regards,

Saurabh Vakil.

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    Posted on Jan 11, 2011 at 11:13 AM

    Dear Saurabh,

    I have got confirmation from SAP on this.

    Due to technical reasons this is not possible. As HTTP is a stateless

    protocol, the server has no control over the user session. In fact the

    server does never know whether the user is still logged on or not.

    Hence it is not possible to avoid multiple logons.

    Regards,

    Shreyas Pandya

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Dec 20, 2010 at 10:21 AM

    Hello,

    Please refer to this blog [How to Limit the Number of Users Logged on to your Portal / WAS|http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/5420] [original link is broken];.

    Regards

    Puneet

    Add a comment
    10|10000 characters needed characters exceeded

    • The blog you posted is about limiting the overall number of logged on users (ex: limit: 500 users) and sadly not about how to prevent that 1 user logs on 2 or more times.

      If this isn't a feature recently introduced to the portal it is not possible by standard, and I'm not sure how to prevent this in a (clustered) portal environment: the UME is offering a logged on/off timestamp functionality:

      setLastLogoutDate

      getLastSuccessfulLogonDate

      But when the user is simply closing the browser I doubt that this will work. I suggest that you code your own application that simply stores and updates the user ID on a regular basis - like 5 minutes - and your logon servlet checks if the logon is valid or not.

      br,

      Tobias

  • Posted on Dec 20, 2010 at 12:20 PM

    Hi Saurabh,

    you can do this by modifing the headerIview.jsp by using session variables.

    when a user logs into portal you have to keep his details in a session and check them everytime when he tries to login again.if it is not the first time then throw and error message

    you need to change the par file. code will be something like this

    session.setAttribute("user",request.getUser());

    if(session.getAttribute("user")!=null)

    And for preventing from backend -

    By changing the parameter - login/disable_multi_gui_login you can do this.

    Check below sap link - http://help.sap.com/saphelp_erp2004/helpdata/en/22/41c43ac23cef2fe10000000a114084/frameset.htm

    Regards,

    Sen

    Edited by: prodyut kumar sen on Dec 20, 2010 1:22 PM

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member saurabh vakil

      Hi,

      You can code as suggested by Prodyut, but i think this code wont give desired output on portal environment where there are multiple server node. I am not sure experts please provide your comments on this.

      Regards,

      Jigar Oza

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.