Prevent multiple login using the same user name and password

Question

I am developing an application that needs to prevent multiple login using the same user name and password.

If it happens on the same machine then obviously we need t

Answer 1

How to identify whether browser is still active or not?

Make a dummy ajax call on every minute and record the status in HttpSession against the User, session id and along with the time of last call. When the same user logins with new session, check against the user in HttpSession and check time if it exceeds more
than a minute, it means that the previous browser is closed/ not active.

Note: Time setting as per your requirement (in my case its 1 minute).

Along with above condition check, add code mentioned in the comment "If user close the browser without logout."

public class User implements HttpSessionBindingListener