prevent duplicate logins

[Jeff Beem]

I'm working on an application in which we have employed the use of the aspnet
membership model. My employer has asked me to ensure that any given account
can be logged in only once at a time. Determining whether or not an account
is already logged in is very simple. The next requirement is that when a
user is logging in I prompt them with a message saying that the account is
already logged in and if they continue, the other account will be logged out.
So, assuming we have the same account logged in through a different machine,
is there a way to log that account out? Isn't the "authenticated" token
stored in a cookie on the users machine?

The only other option I can think of is to force the user to wait until the
other account times out, which would be a severe annoyance for most, I
believe.

Any help would be appreciated.

Thanks,

Jeff

 

[Guest]

The only other option I can think of is to force the user to wait until the
other account times out, which would be a severe annoyance for most, I
believe.

Another way that I can think of to implement this is to have an Ajax-
based validation request (on each page of the application) to check if
the current session is still valid, or not. Whenever a user has to be
logged off at the original box, you will be notified by that request
and you could automatically execute your SignOut method. The only
thing is that you probably cannot run that Ajax request every 1 sec
and so, you cannot log the user off at the original box before the new
login. Running the validation request every 60 secs you could be sure
that an original login will be logged off during 0..59 secs *after*
the user has logged on again.

 

[Manish Bafna]

Hi,
Below link provides solution to your query.Search for "Single Login" in
below pdf file
http://209.85.165.104/search?q=cach...e+login+asp.net+2.0&hl=en&ct=clnk&cd=14&gl=in
Hope this helps.