Login/Logout Problem

[smita]

Hi,

I have a small problem...Please go through it and share your views on
it.

I am using an xml file to authenticate my users. Also for each user i am
maintaining a attribute named "status" which holds the logged in information
i.e. if the user has logged in then the staus will be "LoggedIn" else it
will be "LoggedOut". Now this helps me to detect that the same user does
not login twice. if he has already logged in then the status will be
LoggedIn, so if he tries to login the 2nd time i tell him that he needs to
logout.

Now, the problem is that i change the status to "LoggedOut" only when he
logsout using the LOGOUT button. But if he just closes the browser and ends
the application without logging out through the LOGOUT button then i want to
log him out explicitly when he closes the browser. I am not using
sessions...but i have a hint that this may require the use of sessions.
Can't i solve this problem without using Sessions. i.e. Is it possible that
i get some message when the user ends the application by closing the
browser, so using that message i can log him out explicitly.

Please help...

regards,
Smita.

[richlm]

You don't need to do anything explicit to "use" sessions - at least not in this context

There's a Session_End() event that you can declare in global.asax
This is called when a session times out or ends
I expect you can still get hold of the context (and therefore the username) in this event

This is just something to try - I am not sure it will solve your problem 100%.

[Madan Nayak]

Hi

use the authentication ticket.
Keep the relevenat information in the ticket while doing authentication.

But it will use httpCookie for storing the information.
Extract the information from cookie in session_end event and do the
necessary stuff.
Hope this would solve the problem.

Another soultion, you can store the CustomPrincipal in the HttpContex and
retrive the users infor any time after the authentication.

Thanks
Madan

"smita" <smita@rarefind.com> wrote in message
news:O24K9VS9DHA.3012@TK2MSFTNGP09.phx.gbl...

> Hi,
>
> I have a small problem...Please go through it and share your views on
> it.
>
> I am using an xml file to authenticate my users. Also for each user i am
> maintaining a attribute named "status" which holds the logged in

information

> i.e. if the user has logged in then the staus will be "LoggedIn" else it
> will be "LoggedOut". Now this helps me to detect that the same user does
> not login twice. if he has already logged in then the status will be
> LoggedIn, so if he tries to login the 2nd time i tell him that he needs to
> logout.
>
> Now, the problem is that i change the status to "LoggedOut" only when he
> logsout using the LOGOUT button. But if he just closes the browser and

ends

> the application without logging out through the LOGOUT button then i want

to

> log him out explicitly when he closes the browser. I am not using
> sessions...but i have a hint that this may require the use of sessions.
> Can't i solve this problem without using Sessions. i.e. Is it possible

that

> i get some message when the user ends the application by closing the
> browser, so using that message i can log him out explicitly.
>
> Please help...
>
> regards,
> Smita.
>
>