|
Re: login/logout using swing/java
|
Posted: Feb 1, 2006 1:22 AM
|
|
I would not write anything into a file.
Is this a network application? If not, just use a login and that's it. As long as the user does not pass the login, just don't let hiim proceed.
If it IS network application, the server should use a security ticket. If the user uses a valid login, the server sends a coded String containing the ticket (generated with random numbers for example). Everytime the user want's to acces something, the security ticked is passed to the server.
The server on his side generates the ticket and put's it into a temporary list + information since when the user last used it. If the user didn't use it for - let's say 1 minute, send an identification reuest to the user. If the user doen't return the answer in 1 minute, then delete the ticket. If the user logs out, just delete the ticket. By the way: In the ticket list also note the IP from where the user logged in. Only allow access for this IP (with this ticket).
|
|