I am using the provided ASP.NET SQL Membership & Role providers in my application.
How can I prevent that the same user does login from different workstations using the same credentials? I can imagine to use the IP address for this but I dont really know where to start from...
Also what about users behind the same router? Is there a way to prevent them access from different client PC's?
My application is windows authenticated. The application pulls JUST the userName from the current windows account. Then I provide site access to this user depending on his account privileges. If his userName belongs to the admins list he is directed to admin screens. If his username belongs to users list he is directed to users screens. I handle this security in C# and some SQL tables(No membership provider and no Active directory security in the app).
I need to be able to prevent multiple concurrent logins for the same userName.
My IIS server requires authentication to access the localserver this is causing android WebView component to get 403 error once directed the the url if I uncheck Basic Authentication under Directory found in Computer Management -> Web Sites -> Properties I would receive 403 error(Access Denied) this time including my browser
once I restart my computer How do I disable authentication without losing access to it? if this is not possible Is there a way to allow android WebView enter the username and password automatically to prevent 403 error?
In my application there are 4 connection strings...from that i want one connectionstring should be default connection string.How to do ?
View 1 RepliesI'm writing an ASP.Net MVC intranet application which is accessed via handhelds and a range of browsers. My users all have AD accounts and have different permission to our SQL database views/procs depending on who they area. The database also uses CURRENT_USER for horizontal partitioning.
Because of the range of devices that need to access the application I can't rely on impersonation/delegation or the trusted subsystem. I want the user to simply input username and password (same as AD) when the above mechanisms fail.
Does anyone know how I can use AD username and password in a connection string to access the database without creating a set of SQL mirror accounts? I can't login with network service or a sql proxy account because the database needs to be user aware.
I am connecting to Oracle database from .net using OLEDB.
My Connection string :
[Code]....
I am using above ConnectionString to communicate with database. To make it work, I have to store password (don't want to do that) in session and use it every time I need to talk to db.
1) Is there any other connection string without username and password with oledb?
2) I use "Integrated Security" for MSSQL. How can I use the same with OLEDB - Oracle database?
string sConnectionString = "Provider=OraOLEDB.Oracle;"
In the web.config, how do add a connection string by using a window authentication with the username and password? I have tried like this and it keeps ignoring the username and password
<connectionStrings>
<clear/>
<remove name="LocalSqlServer"/>
<add name="LocalSqlServer" connectionString="Integrated Security=SSPI;Initial Catalog=ufiledb;Data Source=MyServer;User Id=user1;Password=xxxxxx" providerName="System.Data.SqlClient"/>
</connectionStrings>
Is there an easy way to prevent users from opening multiple instances of the same web application? Can I add something to the application start section of the global page which would prevent this?
View 4 RepliesI want to prevent multiple user login for same user in asp.net.. How can I achieve. Note: I want to control without database concepts
View 2 Replieshow to prevent multiple user to be logged in at a time using a user id ?
I searched the internet and found some ways but somehow they do not work in these situations:
If javascript in brower is turned off.
If user do not click logout and directly close brower.
I am trying to prevent multiple simultaneous logins in my web application. I want to signout all/any previous authentications of a user when they login. Such that the current login remains the only one.
How do I go about calling FormsAuthentication.SignOut() for a particular user to invalidate any existing authentications.I have tried searching everywhere but no answers, only theories.
What whould be the best way to prevent multiple users on a page?
For example if a user is at the page "Home.aspx", no other users should be allowed to go there.
I'm using asp.net on the server and the js-frameword jQuery on the client side.
how to prevent multiple login using vb.net? I'm using visual studio.net 2008
View 6 Repliesi have probleM to check the login ,but i found one solution in this site.. AVOID MULTIPLE USER LOGIN, ...IS THER ANY OTHER METHOD TO SOLVE THIS PROBLEM.....
View 1 RepliesI managed to user to perform multiple log on from other IE window session in my web application if the same log on is currently being used.Unfortunately I have problem to control multiple log on if the user is logging in using tab browsing in the same session. I know this is due to the same session Id but is there any way to trace down to the tab level within the same session?
View 2 Repliesprevent multiple clicks on Submit, I am using
//to prevent multiple clicks
this.imgGonder.Attributes.Add("onclick", "this.disabled = true;" + this.GetPostBackEventReference(this.imgGonder));
in PageLoad()...
this works fine while testing and %90 other users. But I still see some duplicates in database from other users.
I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.
I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.
Am I missing a trick, is there a better way to prevent the same username logging on from multiple different locations?
I just want to detect who came to login into site and if same login already logged in ,if same login previously exits then we need to logout the previous session , how to do it using asp.net c#
View 1 RepliesSo its a ASP.NET problem where two users using the same machine, same browser:
User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!
This is caused by the following mechanism:
Different tabs in the same browser seems to share the same session id.
We are storing user auth in cookie and the cookie is shared between tabs (same domain)
Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.
So I'm wondering if there's any other methods to prevent this from happening, other than:
1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.
I have ASP.net application that is basically a data entry screen for a physical inspection process. The users want to be able to have multiple browser windows open and enter data from multiple inspections concurrently. At first I was using cookie based sessions, and obviously this blew up.I switched to using cookie-less sessions, which stores the session in the URL and in testing this seemed to resolve the problem. Each browser window/tab had a different session ID, and data entered in one did not clobber data entered in the other.
However my users are more efficient at breaking things than I expected and it seems that they're still managing to get the same session between browsers sometimes. I think that they're copying/pasting the address from one tab to the other in order to open the application, but I haven't been able to verify this yet (they're at another location so I can't easily ask them).Other than telling them don't copy and paste, or convince them to only enter one at a time, how can I prevent this situation from occurring?
I'm writing a page that gets info from my database quite often, but on different events.
To demonstrate, There are three buttons- "Adults","Kids", and "babies".
When clicking on "Adults" the code fetches info from the "Adults" table and displays it.
Everything is working well, thing is I'm not sure that the way I implemented it is good enough.
What I did is that on each button click, in the eventhandler a new instance of the connection object is created, with which I open a conneciton, fetch the data, and than close it.
So, if I have 3 buttons- there are three different connection objects, in three differenct eventhandlers, each doing his own Open-Close.
Thing is the page needs to expand to 19 objects (give or take) where not all of them are buttons, each of them should access my datasource- and I'm pretty sure that 19 times creating a connection object + Open-Close operations for each is the wrong way.
How can we prevent non ahuthenticated users from like and dislike multiple times?one way : save Ip address in a cookiebut theres's two problem1. I heard Ip address isn't unique and changes frequently2. cookie can be deleted by userI'd .
View 1 RepliesI am having a problem with users clicking submitting pages multiple times. What is happening is a user will click a link, if nothing happens in .025 seconds they click another link or menu item, etc. I handle users clicking the back button and the impatient user winds up getting directed to my "Dont click the back button" page even though they dont click the back button.
I need to prevent mutiple submits by disabling all submit controls on my pages. I dont have a single submit button, i have pages with menus, gridviews, yada yada that all need to get turned off.
I have pages that use update panels and pages that dont. All my pages inherit from a BasePage class. I would like to solve this problem by implementing the solution in my BasePage class.
I did a little research and found this little script that works for synchronous postbacks:
[Code]....
How to prevent multiple browser windows opening in asp.net ...
View 1 RepliesI want to implement Login session , in which one user can login from one device only ..and if on other device try to login with same ID theĀ First Device get an Alert..
View 1 Replies