Home All Groups Group Topic Archive Search About

Preventing same user from logging twice

microsoft.public.inetserver.asp.general


Author
18 Mar 2005 9:25 AM
Karthik
Hi,

I have a website running on ASP.Net on IIS 6.0. This website has more than
10000 users login everyday. At times the users login with the same user name
and password more than once at the same time.

I would like to prevent this from happening as it creates a huge problem at
the back end (SQL 2k).

I maintain all logins in a session to validate. For example if userid "xyz"
logs in, I maintain "xyz" in a session.

Is there any other way to traverse through all the session values? This way
I would be able to prevent "xyz" from logging in again, when he is already
logged in.

Can someone please help me as I am facing a lot of problem because of this?

Thank you.

Regards,
Kart

Author
18 Mar 2005 12:17 PM
Patrice
IMO not easy. The easiest way I see would be to record at login time the
session id and to accept request only with this id. Note though that it
means that if someone logs in under an account, the currently connected
person will be unable to carry on its session.

If you do it the other way round (ie. keeping the session for the first
connected person) you'll ran into issues caused by the need to be able to
distinguish that the session expired...

Actually my first thought would be rather to see if the problem caused by
multiple sessions could be corrected. Generally this is when you associate
some temporary data with the user instead of associating these data with the
session (for example in a temp table you may want to use the sessionid
rather than the user id).

Patrice

--

Show quote
"Karthik" <Kart***@discussions.microsoft.com> a écrit dans le message de
news:3B1A2A96-5F8E-42F8-AEC9-37BDB437503A@microsoft.com...
> Hi,
>
> I have a website running on ASP.Net on IIS 6.0. This website has more than
> 10000 users login everyday. At times the users login with the same user
name
> and password more than once at the same time.
>
> I would like to prevent this from happening as it creates a huge problem
at
> the back end (SQL 2k).
>
> I maintain all logins in a session to validate. For example if userid
"xyz"
> logs in, I maintain "xyz" in a session.
>
> Is there any other way to traverse through all the session values? This
way
> I would be able to prevent "xyz" from logging in again, when he is already
> logged in.
>
> Can someone please help me as I am facing a lot of problem because of
this?
>
> Thank you.
>
> Regards,
> Kart
>

AddThis Social Bookmark Button

Post Other interesting topics
Asp.net DropDownList, AutoPostBack, and ViewState
ASP Site Design Question
Classic ASP to .NET WebService interfacing (Dataset to RecordSet)
Session cookies disappear!
Timeout? in asp script upload