Session
-
Hi, I want to know how can I have single active session for single user? For ex. Consider I login to website and after successful login my ID is stored in session and If I leave this session in active mode and login to the website using another PC I am able to login to the site and both of my session are active. How can I abandon previous session? Is there anyway I can achieve this? Thanking You!
Rock Star
Hi Why did not you deny that log-on when someone have logged on via that account already?
Mohammad Khansari
-
Hi Why did not you deny that log-on when someone have logged on via that account already?
Mohammad Khansari
-
Hi, I want to know how can I have single active session for single user? For ex. Consider I login to website and after successful login my ID is stored in session and If I leave this session in active mode and login to the website using another PC I am able to login to the site and both of my session are active. How can I abandon previous session? Is there anyway I can achieve this? Thanking You!
Rock Star
Just put the ip to storage while the user logs in. Also for every request, check if the client ip is there in the server. If the user logs in from another computer, just replace the ip with the new one. Thus any request from the other client will be rejected as it first checks to the database value which is changed. ;)
Abhishek Sur **Don't forget to click "Good Answer" if you like this Solution.
My Latest Articles-->** Simplify Code Using NDepend
Basics of Bing Search API using .NET
Microsoft Bing MAP using Javascript -
Just put the ip to storage while the user logs in. Also for every request, check if the client ip is there in the server. If the user logs in from another computer, just replace the ip with the new one. Thus any request from the other client will be rejected as it first checks to the database value which is changed. ;)
Abhishek Sur **Don't forget to click "Good Answer" if you like this Solution.
My Latest Articles-->** Simplify Code Using NDepend
Basics of Bing Search API using .NET
Microsoft Bing MAP using Javascript -
I dont want to hit my database for it. without hitting my database I want to achieve this functionality.
Rock Star
You can create a static class that contains SessionIDs and UserIDs(or IPAddresses) that logged on and use that for checking log-on. like static class SessionList { static ArrayList Sessions; ... } OR You can use Applications State for that
Mohammad Khansari
-
Hi, I want to know how can I have single active session for single user? For ex. Consider I login to website and after successful login my ID is stored in session and If I leave this session in active mode and login to the website using another PC I am able to login to the site and both of my session are active. How can I abandon previous session? Is there anyway I can achieve this? Thanking You!
Rock Star
You may want to try looking at the
cacheclass. It's like a session, but it's application level(from what I've been reading about it) MSDN Link[] -
That's a great idea But is there anything else so I dont have to hit the database.
Rock Star
You might use Cache or Application. Both are Global and In memory shared variable. In case of application you use : Application.Lock(); Application[currentUserName] = IP; Application.UnLock(); If you are using Cache, you dont need to lock as it handles automatically. ;)
Abhishek Sur **Don't forget to click "Good Answer" if you like this Solution.
My Latest Articles-->** Simplify Code Using NDepend
Basics of Bing Search API using .NET
Microsoft Bing MAP using Javascript -
You may want to try looking at the
cacheclass. It's like a session, but it's application level(from what I've been reading about it) MSDN Link[]The solution I will give you will only work if you are NOT in a web-farm and if you have a Session manager that supports informing you when a session dies. Create a dictionary, like:
private static Dictionary<string, string> _someDictionaty = new Dictionary<string, string>();
Each time a user log-ins (after you validated the password) will do:
lock(_someDictionary)
_someDictionary[...loginHere...] = HttpContext.Current.Session.SessionID;Except from the login page, you must check if the "actual" session is the active session for logged user. So:
string activeSessionId;
lock(_someDictionary)
{
if (_someDictionary.TryGetValue(...loginHere..., out activeSessionId)
{
// Some old session was found for this ID, so check if it is the same or not.
if (activeSessionId != HttpContext.Current.Session.SessionID)
// the activeSession is not this... so, show an error? Redirect to login?
}
else
{
// There is no session registered for this login. Is this an error?
}
}And finally, in Global.asax, in the Session_End method, you must remove the session for that user, so:
var pair = new KeyValuePair<string, string>(...loginHere..., HttpContext.Current.Session.SessionID);
IDictionary<string, string> dictionary = _someDictionary;lock(_someDictionary)
dictionary.Remove(pair);I used the Remove that accepts a key/value pair because if a session ends that is not the valid one we must simple ignore it.
-
The solution I will give you will only work if you are NOT in a web-farm and if you have a Session manager that supports informing you when a session dies. Create a dictionary, like:
private static Dictionary<string, string> _someDictionaty = new Dictionary<string, string>();
Each time a user log-ins (after you validated the password) will do:
lock(_someDictionary)
_someDictionary[...loginHere...] = HttpContext.Current.Session.SessionID;Except from the login page, you must check if the "actual" session is the active session for logged user. So:
string activeSessionId;
lock(_someDictionary)
{
if (_someDictionary.TryGetValue(...loginHere..., out activeSessionId)
{
// Some old session was found for this ID, so check if it is the same or not.
if (activeSessionId != HttpContext.Current.Session.SessionID)
// the activeSession is not this... so, show an error? Redirect to login?
}
else
{
// There is no session registered for this login. Is this an error?
}
}And finally, in Global.asax, in the Session_End method, you must remove the session for that user, so:
var pair = new KeyValuePair<string, string>(...loginHere..., HttpContext.Current.Session.SessionID);
IDictionary<string, string> dictionary = _someDictionary;lock(_someDictionary)
dictionary.Remove(pair);I used the Remove that accepts a key/value pair because if a session ends that is not the valid one we must simple ignore it.
-
The solution I will give you will only work if you are NOT in a web-farm and if you have a Session manager that supports informing you when a session dies. Create a dictionary, like:
private static Dictionary<string, string> _someDictionaty = new Dictionary<string, string>();
Each time a user log-ins (after you validated the password) will do:
lock(_someDictionary)
_someDictionary[...loginHere...] = HttpContext.Current.Session.SessionID;Except from the login page, you must check if the "actual" session is the active session for logged user. So:
string activeSessionId;
lock(_someDictionary)
{
if (_someDictionary.TryGetValue(...loginHere..., out activeSessionId)
{
// Some old session was found for this ID, so check if it is the same or not.
if (activeSessionId != HttpContext.Current.Session.SessionID)
// the activeSession is not this... so, show an error? Redirect to login?
}
else
{
// There is no session registered for this login. Is this an error?
}
}And finally, in Global.asax, in the Session_End method, you must remove the session for that user, so:
var pair = new KeyValuePair<string, string>(...loginHere..., HttpContext.Current.Session.SessionID);
IDictionary<string, string> dictionary = _someDictionary;lock(_someDictionary)
dictionary.Remove(pair);I used the Remove that accepts a key/value pair because if a session ends that is not the valid one we must simple ignore it.
Hi, I m getting the following errors. Error 1 The type or namespace name 'KeyValuePair' could not be found (are you missing a using directive or an assembly reference?) Error 2 The non-generic type 'System.Collections.IDictionary' cannot be used with type arguments Error 3 The name '_someDictionary' does not exist in the current context D:\Projects\Demo\Website\Global.asax Error 4 The name '_someDictionary' does not exist in the current context D:\Projects\Demo\Website\Global.asax And it is not allowing me to declare dictionary as private static
Rock Star
-
Hi, I m getting the following errors. Error 1 The type or namespace name 'KeyValuePair' could not be found (are you missing a using directive or an assembly reference?) Error 2 The non-generic type 'System.Collections.IDictionary' cannot be used with type arguments Error 3 The name '_someDictionary' does not exist in the current context D:\Projects\Demo\Website\Global.asax Error 4 The name '_someDictionary' does not exist in the current context D:\Projects\Demo\Website\Global.asax And it is not allowing me to declare dictionary as private static
Rock Star
If I am not wrong, the KeyValuePair and the Dictionary classes are in the System.Collections.Generic But, to be honest, I always use the editor to add them to me. When you put the caret in the class name, a small rectangle appears. Click in it, and one of the options is to add the using reference.
-
If I am not wrong, the KeyValuePair and the Dictionary classes are in the System.Collections.Generic But, to be honest, I always use the editor to add them to me. When you put the caret in the class name, a small rectangle appears. Click in it, and one of the options is to add the using reference.