Session management

[Arturo Buonanni]

Hello,

I'm coding a web application using ASP.NET 2.0 with forms
authentication.

I don't want the same user to log-in twice.
I need to detect whether the user is trying to log-in while another
session for that user is still active.

Is there a way I can prevent this?

Thanks.

 

[Patrick.O.Ige]

Arturo you can use session for that.
and check the session if it already exist..or something related.
Patrick

 

[Arturo Buonanni]

On Thu, 11 May 2006 21:53:10 +1000, "Patrick.O.Ige"

I know about session, the thing I don't know is how to enumerate
active sessions to look for an already logged-in user.

 

[Hans Kesting]

Hello,

I'm coding a web application using ASP.NET 2.0 with forms
authentication.

I don't want the same user to log-in twice.
I need to detect whether the user is trying to log-in while another
session for that user is still active.

Is there a way I can prevent this?

Thanks.

You will need to remember all logins in Application scope. Plus a
Session_End handler that removes the current user from that list
(and also remove that user on logout). Check that list after the
succesful password check.

One problem that's inherent to this: when the user closes his browser
without logging out, he can't log back in until that original
session expires in 20 minutes or so. Be sure to mention that along
with the "you can't login twice" message.

Hans Kesting

 

[Arturo Buonanni]

On Fri, 12 May 2006 10:11:41 +0200, Hans Kesting

Thanks all for your replies.

So I've to manage the list of "active" session with some custom code
by myself. No list of active sessions available it seems.