Z
Zeng
I would like to prevent someone sharing a login in my .net app but I know
that it would
know that would be difficult so it would be acceptable to prevent concurrent
logins. So here is my current plan, each time a user logins we will create
a unique id (a guid for example) and store it both in the cookie and in our
server for the login name. Our server will check for matching of that id for
each subsequent access (read, write data etc), if it is not matched, then we
will automatically log the user out. So if 2 people are using the same
login name, the 2nd person logging in will kick the 1st one out. Does
anybody
see any problem/hole with that approach?
Thank you very much advance for you help!
that it would
know that would be difficult so it would be acceptable to prevent concurrent
logins. So here is my current plan, each time a user logins we will create
a unique id (a guid for example) and store it both in the cookie and in our
server for the login name. Our server will check for matching of that id for
each subsequent access (read, write data etc), if it is not matched, then we
will automatically log the user out. So if 2 people are using the same
login name, the 2nd person logging in will kick the 1st one out. Does
anybody
see any problem/hole with that approach?
Thank you very much advance for you help!