How to Track User Login

Discussion in 'ASP .Net' started by Mel, Aug 15, 2007.

  1. Mel

    Mel Guest

    I am using "windows" authentication mode. I would like to store the
    username and various information when the user logs on to the website.
    Any ideas?

    It would be a bonus to store the logout time too but I hear that is
    difficult and unreliable but if anyone knows a way to do that too I am
    all ears.


    (Visual Studio 2005, Asp.net 2.0, Visual Basic)
     
    Mel, Aug 15, 2007
    #1
    1. Advertising

  2. Hi Mel,
    if you are using windows authentication IIS is responible for authenticating
    your user. Do you allow anonymous users to access your application? If no you
    can handle your login in Session_Start. Handling logout is difficult because
    if user closes browser you do not receive any information about it (unless
    you build some mechanism to ping application from browser in short
    intervals). You also can fully believe to Session_End because it is raised
    only if session is running InProc = locally in asp.net worker process.

    Regards,
    Ladislav

    "Mel" wrote:

    > I am using "windows" authentication mode. I would like to store the
    > username and various information when the user logs on to the website.
    > Any ideas?
    >
    > It would be a bonus to store the logout time too but I hear that is
    > difficult and unreliable but if anyone knows a way to do that too I am
    > all ears.
    >
    >
    > (Visual Studio 2005, Asp.net 2.0, Visual Basic)
    >
    >
     
    =?Utf-8?B?TGFkaXNsYXYgTXJua2E=?=, Aug 15, 2007
    #2
    1. Advertising

  3. *You also cannot believe to Session_End ...

    "Ladislav Mrnka" wrote:

    > Hi Mel,
    > if you are using windows authentication IIS is responible for authenticating
    > your user. Do you allow anonymous users to access your application? If no you
    > can handle your login in Session_Start. Handling logout is difficult because
    > if user closes browser you do not receive any information about it (unless
    > you build some mechanism to ping application from browser in short
    > intervals). You also can fully believe to Session_End because it is raised
    > only if session is running InProc = locally in asp.net worker process.
    >
    > Regards,
    > Ladislav
    >
    > "Mel" wrote:
    >
    > > I am using "windows" authentication mode. I would like to store the
    > > username and various information when the user logs on to the website.
    > > Any ideas?
    > >
    > > It would be a bonus to store the logout time too but I hear that is
    > > difficult and unreliable but if anyone knows a way to do that too I am
    > > all ears.
    > >
    > >
    > > (Visual Studio 2005, Asp.net 2.0, Visual Basic)
    > >
    > >
     
    =?Utf-8?B?TGFkaXNsYXYgTXJua2E=?=, Aug 15, 2007
    #3
  4. Mel

    Mel Guest

    On Aug 15, 10:14 am, Ladislav Mrnka
    <> wrote:
    > Hi Mel,
    > if you are using windows authentication IIS is responible for authenticating
    > your user. Do you allow anonymous users to access your application? If no you
    > can handle your login in Session_Start. Handling logout is difficult because
    > if user closes browser you do not receive any information about it (unless
    > you build some mechanism to ping application from browser in short
    > intervals). You also can fully believe to Session_End because it is raised
    > only if session is running InProc = locally in asp.net worker process.
    >
    > Regards,
    > Ladislav
    >
    > "Mel" wrote:
    > > I am using "windows" authentication mode. I would like to store the
    > > username and various information when the user logs on to the website.
    > > Any ideas?

    >
    > > It would be a bonus to store the logout time too but I hear that is
    > > difficult and unreliable but if anyone knows a way to do that too I am
    > > all ears.

    >
    > > (Visual Studio 2005, Asp.net 2.0, Visual Basic)


    Cool. I will just add a Global.asax to my project and try adding my
    code to the Session_Start procedure. I'll post the code here when I
    get it finished.
     
    Mel, Aug 15, 2007
    #4
  5. Mel

    Mel Guest

    On Aug 15, 10:42 am, Mel <> wrote:
    > On Aug 15, 10:14 am, Ladislav Mrnka
    >
    >
    >
    > <> wrote:
    > > Hi Mel,
    > > if you are using windows authentication IIS is responible for authenticating
    > > your user. Do you allow anonymous users to access your application? If no you
    > > can handle your login in Session_Start. Handling logout is difficult because
    > > if user closes browser you do not receive any information about it (unless
    > > you build some mechanism to ping application from browser in short
    > > intervals). You also can fully believe to Session_End because it is raised
    > > only if session is running InProc = locally in asp.net worker process.

    >
    > > Regards,
    > > Ladislav

    >
    > > "Mel" wrote:
    > > > I am using "windows" authentication mode. I would like to store the
    > > > username and various information when the user logs on to the website.
    > > > Any ideas?

    >
    > > > It would be a bonus to store the logout time too but I hear that is
    > > > difficult and unreliable but if anyone knows a way to do that too I am
    > > > all ears.

    >
    > > > (Visual Studio 2005, Asp.net 2.0, Visual Basic)

    >
    > Cool. I will just add a Global.asax to my project and try adding my
    > code to the Session_Start procedure. I'll post the code here when I
    > get it finished.


    I successfully added the Global.asax as a new item in my Visual Studio
    2005 web project. I set some session variables and then store the
    user, company and session id in an access database table called "Web
    User Log". I was not successful in setting the session end time; it
    just wasn't possible because my session state mode is not set to
    InProc so I dismissed the idea. Here is the code if anyone is
    interested....
    Thanks to everyone for your help.

    Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
    ' Code that runs when a new session is started
    Session("IsDeveloper") = False

    'Set session variables
    If Not
    IsNothing(Context.User.Identity.Name.Substring(Context.User.Identity.Name.LastIndexOf("\")
    + 1)) Then
    Session("CurUser") =
    Context.User.Identity.Name.Substring(Context.User.Identity.Name.LastIndexOf("\")
    + 1)
    Dim CurDom As String = "DC=mydomain, DC=local"
    Dim LdapSvr As String = "mydomain.local"
    Dim LdapPath As String = "LDAP://" & LdapSvr & "/" &
    CurDom & ""
    Dim DirEnt As DirectoryEntry = New
    DirectoryEntry(LdapPath)
    Dim ds As DirectorySearcher = New
    DirectorySearcher(DirEnt, "(sAMAccountName=" & Session("CurUser") &
    ")")
    ds.PropertiesToLoad.Add("mail")
    ds.PropertiesToLoad.Add("sn")
    ds.PropertiesToLoad.Add("givenName")
    ds.PropertiesToLoad.Add("company")
    ds.PropertiesToLoad.Add("st")
    ds.PropertiesToLoad.Add("l")
    ds.PropertiesToLoad.Add("department")

    Dim sr As SearchResult = ds.FindOne
    Session("SN") =
    sr.GetDirectoryEntry().Properties("sn").Value
    Session("GivenName") =
    sr.GetDirectoryEntry().Properties("givenName").Value
    Session("mail") =
    sr.GetDirectoryEntry().Properties("mail").Value
    Session("Company") =
    sr.GetDirectoryEntry().Properties("company").Value
    Session("St") =
    sr.GetDirectoryEntry().Properties("st").Value
    Session("city") =
    sr.GetDirectoryEntry().Properties("l").Value
    Session("department") =
    sr.GetDirectoryEntry().Properties("department").Value
    End If

    If UCase(Session("CurUser")) = "DEVDUDE1" Or
    UCase(Session("CurUser")) = "DEVDUDE2" Then
    'don't store login date/time for the web developers who
    repeatedly log in and out while debugging.
    Session("IsDeveloper") = True
    Else
    If Not Session("CurUser") Is Nothing Then
    'now writing user name and login time to the WebBMQ
    database Web User Log table upon new session
    Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.
    4.0;Data Source=\myserver\webbmq.mdb;"
    Dim conWebOrdNum As New
    System.Data.OleDb.OleDbConnection(strConn)
    Dim strIns As String = "INSERT INTO [Web User Log]
    ([User],[Company],[Date/Time of Entry], [Session ID]) VALUES
    (?,?,?,?)"
    Dim cmdIns As New
    System.Data.OleDb.OleDbCommand(strIns, conWebOrdNum)
    conWebOrdNum.Open()
    If Session("CurUser") Is Nothing Then
    Else
    cmdIns.Parameters.AddWithValue("User",
    Session("CurUser").ToString)
    End If

    If Session("Company") Is Nothing Then
    Else
    cmdIns.Parameters.AddWithValue("Company",
    Session("Company").ToString)
    End If

    If Session("CurUser") Is Nothing And
    Session("Company") Is Nothing Then
    Else
    cmdIns.Parameters.AddWithValue("Date/Time of
    Entry", Now.ToString)
    cmdIns.Parameters.AddWithValue("Session ID",
    Session.SessionID.ToString)
    End If
    cmdIns.ExecuteNonQuery()
    conWebOrdNum.Close()
    End If
    End If
    End Sub
     
    Mel, Aug 15, 2007
    #5
  6. Mel

    Steve Guest

    You can put that into the Session_Start event in the Global.asax. In
    fact, I don't see why you can't put the logout code in the Session_End
    event. The logout time may not be accurate to the minute, because of the
    session timeout, but you can get it pretty close...



    Steve C.
    MCAD,MCSE,MCP+I,CNE,CNA,CCNA


    Mel wrote:
    > I am using "windows" authentication mode. I would like to store the
    > username and various information when the user logs on to the website.
    > Any ideas?
    >
    > It would be a bonus to store the logout time too but I hear that is
    > difficult and unreliable but if anyone knows a way to do that too I am
    > all ears.
    >
    >
    > (Visual Studio 2005, Asp.net 2.0, Visual Basic)
    >
     
    Steve, Aug 20, 2007
    #6
  7. Mel

    Dan Colgan Guest

    Steve C... If the Session_End never ever ever ever fires what is the
    reason? - I've not ever been able to get it to fire and my Sessionstate
    mode is "Inproc"

    So far I see no validity in saying you can rely on Session_End since no
    one on the web has been able to answer this question consistently.



    *** Sent via Developersdex http://www.developersdex.com ***
     
    Dan Colgan, Sep 4, 2007
    #7
  8. Never say never.
    How do you know that it's never ever fires?
    It does always fire but if you have a bug in the code for Session_End then
    it will quietly throw an exception and be caught by ASP.NET without you
    knowing. Like for example if you tried to use Response or Request objects in
    Session_End code.

    Might have a trace in NT Event log though...

    George.



    "Dan Colgan" <> wrote in message
    news:...
    > Steve C... If the Session_End never ever ever ever fires what is the
    > reason? - I've not ever been able to get it to fire and my Sessionstate
    > mode is "Inproc"
    >
    > So far I see no validity in saying you can rely on Session_End since no
    > one on the web has been able to answer this question consistently.
    >
    >
    >
    > *** Sent via Developersdex http://www.developersdex.com ***
     
    George Ter-Saakov, Sep 4, 2007
    #8
  9. Mel

    bruce barker Guest

    you can rely on session_end if you use inproc, and there are no recyle
    events. check your event log for recycles.


    -- bruce (sqlwork.com)

    Dan Colgan wrote:
    > Steve C... If the Session_End never ever ever ever fires what is the
    > reason? - I've not ever been able to get it to fire and my Sessionstate
    > mode is "Inproc"
    >
    > So far I see no validity in saying you can rely on Session_End since no
    > one on the web has been able to answer this question consistently.
    >
    >
    >
    > *** Sent via Developersdex http://www.developersdex.com ***
     
    bruce barker, Sep 4, 2007
    #9
  10. Mel

    Dan Colgan Guest

    Here's the code - you tell me why it doesn't fire

    <SCRIPT LANGUAGE="VBScript" RUNAT="Server">

    Const strLogFilePath= "C:\Inetpub\wwwroot\AOPCTraining\session.log"

    Sub Application_OnStart
    Application("Start") = Now()
    End Sub

    Sub Session_OnStart
    Session.Timeout = 1
    Session("Start") = Now()

    Dim objFSO, objFile
    Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.OpenTextFile(strLogFilePath, 8, True)
    Set objFSO = Nothing
    objFile.WriteLine "Session: " & Session.SessionID & " started at " &
    Now ()
    objFile.Close
    Set objFile = Nothing
    End Sub

    Sub Session_OnEnd
    Dim objFSO, objFile
    Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
    Set objFile = objFSO.OpenTextFile(strLogFilePath, 8, True)
    Set objFSO = Nothing
    objFile.WriteLine "Session: " & Session.SessionID & " ended at " & Now
    ()
    objFile.Close
    Set objFile = Nothing
    End Sub

    Sub Application_OnEnd
    End Sub

    </SCRIPT>



    *** Sent via Developersdex http://www.developersdex.com ***
     
    Dan Colgan, Sep 4, 2007
    #10
  11. I see, I thought you talking about ASP.NET not old asp.
    It's known issue with plain ASP.


    Also writing into file concurrently is not a good idea,
    George.

    "Dan Colgan" <> wrote in message
    news:%...
    > Here's the code - you tell me why it doesn't fire
    >
    > <SCRIPT LANGUAGE="VBScript" RUNAT="Server">
    >
    > Const strLogFilePath= "C:\Inetpub\wwwroot\AOPCTraining\session.log"
    >
    > Sub Application_OnStart
    > Application("Start") = Now()
    > End Sub
    >
    > Sub Session_OnStart
    > Session.Timeout = 1
    > Session("Start") = Now()
    >
    > Dim objFSO, objFile
    > Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
    > Set objFile = objFSO.OpenTextFile(strLogFilePath, 8, True)
    > Set objFSO = Nothing
    > objFile.WriteLine "Session: " & Session.SessionID & " started at " &
    > Now ()
    > objFile.Close
    > Set objFile = Nothing
    > End Sub
    >
    > Sub Session_OnEnd
    > Dim objFSO, objFile
    > Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
    > Set objFile = objFSO.OpenTextFile(strLogFilePath, 8, True)
    > Set objFSO = Nothing
    > objFile.WriteLine "Session: " & Session.SessionID & " ended at " & Now
    > ()
    > objFile.Close
    > Set objFile = Nothing
    > End Sub
    >
    > Sub Application_OnEnd
    > End Sub
    >
    > </SCRIPT>
    >
    >
    >
    > *** Sent via Developersdex http://www.developersdex.com ***
     
    George Ter-Saakov, Sep 4, 2007
    #11
  12. Mel

    Dan Colgan Guest

    This same exact code is in my global.asax file as well and it doesn't
    work there either. ASP or ASP.net doesn't seem to matter, it just
    doesn't work.

    It seems puzzling to me why the code which is almost word for word in
    the session_start doesn't work in the session_end? -



    *** Sent via Developersdex http://www.developersdex.com ***
     
    Dan Colgan, Sep 4, 2007
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. William F. Robertson, Jr.
    Replies:
    0
    Views:
    458
    William F. Robertson, Jr.
    Jul 2, 2003
  2. sumi
    Replies:
    7
    Views:
    306
    Jorgen Grahn
    Nov 9, 2005
  3. pj
    Replies:
    2
    Views:
    1,960
  4. Tony Johansson
    Replies:
    3
    Views:
    16,360
    Patrice
    Jan 2, 2010
  5. Eric S

    Keeping track of users LogIn

    Eric S, Mar 2, 2010, in forum: ASP .Net
    Replies:
    5
    Views:
    800
    Eric S
    Mar 2, 2010
Loading...

Share This Page