Single User Login At A Time

[Joey Lee]

Hi,

Does anyone knows how to control user login that only a single userid can
login at a time?

Thanks

Joey

 

[Ken Cox [Microsoft MVP]]

You could store the ID of all users in an Application variable or a database
and check if that one is in use. Of course you'd need to make sure the
person logged out properly so you could remove the ID.

 

[Joey Lee]

Thank. Actually that is the problem which i am currently facing. I keep the
userid in the cache and do checking. But if the user just click on the "x"
button closing the browser. he will be log out until the cache expire or my
undetermined session_end method in global.asax fires to kill of the
information in cache.

Is there a better way??

Joey

 

[Lisa Pearlson]

This is a very common problem. Too bad that there isn't a standard HTML tag
that allows something like this:

<ONCLOSE href=http://mysite.com/logout.aspx />

I'm not sure if JavaScript can handle this. Downside of JavaScript is that
it can be disabled by the user, or unsupported by browser. I think and
<onclose> html tag should've been part of standard html.

Since it isn't, I think using timeouts is the only way. You can try limiting
the timeout to 5 minutes, and every time there is activity on the webpage,
you reset the timer. This means if the user stares at the same page for 5
minutes, the login session expires.
This could be eased with a JavaScript code that calls a
http://mysite.com/keepalive.aspx, to reset the timer.

Lisa