A way to kill Session user(only one session), solutions...

F

Fabrice

Hello,

I 'would like to build a system (based on database, not SqlServer but MySQL)
to permit only one session per user. I'm using a form athentication.

My Solution :
---------------

When a connection is established by a user, I realize an insert in a Table,
named tbLogin with many informations such as idUser, SessionId, Guid, Date,
Time..

So, if an another user try a connexion with same Login And Password, ...he
can't. The record of a connection exist in my table tbLogin and the access
is refused.
This solution is fine so long as users use the button Exit of my Application
Web.
By this way I can delete the line in the table tbLogin and allow another
access. To identify the right line (unique), i use the SessionID delivred by
the framework.

My problem
---------------

But the problem is when the user don't use this button or let the session to
expire....
How to kill this line in my table after a certain time and allow a new
connection.
I'have an idea, ...to allow an access in force. That is to say a connection
which first delete this line in Tblogin and after allow access and insert a
new line.
But in this case I'd like to remove all the session variable bind to the
specific SessionID before the deleting. That is to say, kill the session of
the user. By this way i'm sure that there is only one session by usser.


So, how to access or remove the session variables bind to a specific User
when you know this sessionID. Is it possible ? A kind of kill session like
in Oracle Database (alter kill session ...)
Or perhaps do you know a best solution ?


Thanks for your help and your time.

fabrice
 
L

Lucas Tam

But the problem is when the user don't use this button or let the
session to expire....
How to kill this line in my table after a certain time and allow a new
connection.
I'have an idea, ...to allow an access in force. That is to say a
connection which first delete this line in Tblogin and after allow
access and insert a new line.
But in this case I'd like to remove all the session variable bind to
the specific SessionID before the deleting. That is to say, kill the
session of the user. By this way i'm sure that there is only one
session by usser.

I don't think you can kill other sessions...

Well perhaps if you were using SQL Server as a state server you can... but
if it's inprocess, I don't believe this is possible.

A better solution would be to ingore the session (let it expire naturally),
and just your database to track the status of the users.
 
M

Marina

Handle the Session_End routine, and in it, delete the database row for the
session that is ending. This event will fire when the session idle timeout
is reached.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top