Ask a Question related to ASP.NET Security, Design and Development.
-
Zeng #1
Disallowing concurrent login using the same user account
I would like to prevent someone sharing a login in my .net app but I know
that it would
know that would be difficult so it would be acceptable to prevent concurrent
logins. So here is my current plan, each time a user logins we will create
a unique id (a guid for example) and store it both in the cookie and in our
server for the login name. Our server will check for matching of that id for
each subsequent access (read, write data etc), if it is not matched, then we
will automatically log the user out. So if 2 people are using the same
login name, the 2nd person logging in will kick the 1st one out. Does
anybody
see any problem/hole with that approach?
Thank you very much advance for you help!
Zeng Guest
-
Concurrent user
How much water will a bucket hold? Depends on the size of the bucket. What is the application doing? How much database activity is going on? What... -
Concurrent user
is there an answer to how many concurrent users a cf server can handle. -
How to allow a user account local login to server?
Hi, I need to allow some local access so they can administer print jobs and print reports from a custom printing app installed on Server 2003. ... -
Setting user account login time restrictions
Is it not possible to restrict user login times under Windows XP Home? I have kids that I want to force to logoff after a certain time. -
Old Windows user account VS New windows user account ROUND 1
Larissa; Her name is listed because her name was used when the profile was created. Create a new profile and copy the data to the new profile:... -
Svein Terje Gaup #2 Re: Disallowing concurrent login using the same user account
I've been using a similar method, and it works well.
Sincerely
Svein Terje Gaup
"Zeng" <zzy@nonospam.com> wrote in message
news:eQX%23cfsiEHA.2340@TK2MSFTNGP11.phx.gbl...>I would like to prevent someone sharing a login in my .net app but I know
> that it would
> know that would be difficult so it would be acceptable to prevent
> concurrent
> logins. So here is my current plan, each time a user logins we will
> create
> a unique id (a guid for example) and store it both in the cookie and in
> our
> server for the login name. Our server will check for matching of that id
> for
> each subsequent access (read, write data etc), if it is not matched, then
> we
> will automatically log the user out. So if 2 people are using the same
> login name, the 2nd person logging in will kick the 1st one out. Does
> anybody
> see any problem/hole with that approach?
>
> Thank you very much advance for you help!
>
>
Svein Terje Gaup Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
