Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > .NET > Other .NET > General .NET
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
General .NET For general discussion of MICROSOFT .NET topics that don't fall within any of the other .NET forum subcategories or .NET language forums.  If your question is specific to a language (C# or Visual Basic) or type of application (Windows Forms or ASP.Net) try an applicable forum category. ** PLEASE BE SPECIFIC WITH YOUR QUESTION ** When posting here, provide details regarding the Microsoft .NET language you are using and/or what type of application (Windows/Web Forms, etc) you are working in, if applicable to the question. This will help others answer the question without having to ask.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the General .NET section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old July 24th, 2004, 03:26 AM
Registered User
 
Join Date: Jul 2004
Location: Mumbai, MH, India.
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default DUPLICATES NOT ALLOWED

I am writing an ASP .Net Sales application. Can anyone suggest me a method to avoid simultaneous logins (e.g. User "anon" should not exist on two client machines)? Please consider conditions like power failure at client site. I do not want to catch any "close" events and then execute something. Because, in case of a power cut, that's not going to work.

Regards & cheers,

cOdEdRiLLeR
Reply With Quote
  #2 (permalink)  
Old July 24th, 2004, 02:47 PM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

You are pretty limited with what you can do with an ASP.NET application. Usually you would store some value in session when the first login occurs. Then when a second login occurs, you check that value and deny login if it's still there. When the session times out (or someone actually hits a "logout" button) the value is cleared so another login can occur. However, if the client loses power or shuts down the browser without loggin out, another login can not occur until the session times out. Now, you could certainly set a very short session timeout but this would have adverse affects on a valid logged in user. They would need to maintain enough activity to keep the session active.

Unfortunately, due to the more passive and stateless nature of web applications you will be limited in what you can achieve.

Do you expect your clients to loose power on a regular basis?
Reply With Quote
  #3 (permalink)  
Old July 25th, 2004, 10:45 PM
Registered User
 
Join Date: Jul 2004
Location: Mumbai, MH, India.
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I appreciate your response, planoie [Moderators generally DO NOT reply].

Yes. I do expect expect my clients to loose power on a regular basis. Actually, that is why this post exists. PLEASE suggest me a way that can provide a protection against duplicate logins. Can I use session_start/end in global.asax (I am using VB .Net)?

Thanks in advance.

cOdEdRiLLeR
Reply With Quote
  #4 (permalink)  
Old July 26th, 2004, 08:11 AM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , .
Posts: 540
Thanks: 0
Thanked 4 Times in 4 Posts
Default

Actually, the moderators on this forum are very good about posting :)

What about using .IsClientConnected to verify that your users are still connected?

J
Reply With Quote
  #5 (permalink)  
Old July 26th, 2004, 09:45 AM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

ASP.NET is a web technology, therefore, for the most part (>95% of the time) the client is NOT connected. It's a stateless, disconnected environment. So using .IsClientConnected is rather pointless.

cOdEdRiLLeR-
I'm curious to hear why you expect your clients to loose power on a regular basis. (Perhaps purchasing some UPSs would be wise! ;))

But seriously, my previous post did provide you with a solution but it was wrong. I wasn't thinking "globally". I intended to suggest using an application value (not session, as session is user specific). You could also use the ASP.NET web cache. Perhaps you could store some table of users so you can check to see that a particular user is not already logged in. A hash table might be adequate for this operation. Store a hash table with the user ID as the hash table key, then you store that user's "login expiration" (DateTime) as the value. This way, then a user tries to log in, if the login is occurring before the "login expiration" value then you deny login. If the login is occurring after the "login expiration" then you permit login.

The more prominent point that I was trying to make is that with the disconnected nature of a web application, it's difficult to know when a user is truly disconnected. Maybe with the above solution, you can set up something so that the server is being "polled" by some means. Normally, you would do this with a hidden page (in a hidden frame) that refreshes on a regular basis. The page doesn't have to do anything except update the "login expiration" to Now + x minutes. This way, your login could be set to expire in a very short time (like 1 or 2 minutes) and this hidden page automatically refreshes every 45 seconds. This would keep the login active while the user's browser is open. Once they close it, the login would automatically expire after the "login expiration" time has passed. This would cover closing the browser without logging out and also a power failure. Then when the user tries to log in after their computer is back on (which should definately take more than a minute or two, especially in a power failure), the previous login has since expired and they will be permitted to log in again.
Reply With Quote
  #6 (permalink)  
Old July 26th, 2004, 02:29 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , .
Posts: 540
Thanks: 0
Thanked 4 Times in 4 Posts
Default

Well, it was rather early when I wrote that post.

Peter, if you would be so kind as to give an example of when .IsClientConnected would be beneficial, I would appreciate it.

When I posted the last message, I had read that it could be used to determine whether the client's machine was still connected. But I see your point. So this is really only useful when the current page is still processing, correct? Once it stops processing, it is useless?

________________________________________________

To the question, how about an Administrator tool that can reset all or some of the login/passwords in the event of a power outage? May not be as pretty as Peter's suggestion, but it is a suggestion...

J
Reply With Quote
  #7 (permalink)  
Old July 26th, 2004, 10:32 PM
Registered User
 
Join Date: Jul 2004
Location: Mumbai, MH, India.
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hey katsarosj,

I already have that provision in my admin interface bud. But... what if the admin is not in his seat to see whos on and whos not. Anyways. Peter's post (hidden refresh page) makes sense. I'll try Peter. I let you know ;).

cOdEdRiLLeR
Reply With Quote
  #8 (permalink)  
Old July 27th, 2004, 08:36 AM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , .
Posts: 540
Thanks: 0
Thanked 4 Times in 4 Posts
Default

OK,

It was just a thought. We have people who are on call if anything goes wrong (such as passwords needing to be changed or reset), so I was assuming that you would have something similar.

J
Reply With Quote
  #9 (permalink)  
Old July 27th, 2004, 12:38 PM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

I think you answered the question yourself. :)
Quote:
quote:Originally posted by katsarosj
 So this is really only useful when the current page is still processing, correct? Once it stops processing, it is useless

How would you execute the IsClientConnected() method if the page isn't processing ;)
Reply With Quote
  #10 (permalink)  
Old July 27th, 2004, 03:05 PM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , .
Posts: 540
Thanks: 0
Thanked 4 Times in 4 Posts
Default

Yeah, I guess I was just trying to envision an application that would take so long that it would need to verify that the client was still connected. Apparently, the recommendations for it's use are for processor intense applications (although, unless this is something where this is expected, it might irritate some people to have to wait that long...)

For anyone who is interested, Microsoft posted an example of this at:

http://support.microsoft.com:80/supp.../q182/8/92.asp

It uses classic ASP, but you should get the idea.

J
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I am getting this error- Operaton is not allowed Shuchik Classic ASP Basics 10 August 24th, 2007 01:58 AM
Yes to duplicates MMJiggy62 Beginning VB 6 3 July 14th, 2006 11:51 AM
Whitespace is not allowed at this location crmpicco XML 0 May 3rd, 2005 11:30 AM
UDF: allowed in one DB but not another??? ea SQL Server 2000 2 January 18th, 2005 03:14 PM
Duplicates ashley_y Access 11 August 14th, 2003 03:41 PM



All times are GMT -4. The time now is 11:35 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.