Asp.net - To Prevent A Single User Account Logging On Multiple Times In A Webforms Application

Dec 16, 2010

I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.

View 2 Replies


ADVERTISEMENT

How To Prevent Logging An Error Multiple Times

May 8, 2009

I have a pretty general .NET exception handling question, it's not necessarily specific to ASP.NET. In my application I'm doing something like:

[code]...

So I'd like to log the error only once, when it first occurs and then throw it up the exception stack until it gets to the top level where the exception or some more user-friendly error is displayed to the user. But how do I log it only once? How do I know it hasn't been logged before?

View 4 Replies View Related

Prevent Multiple User Logging Into The Same Domain Using The Same Browser?

Jul 10, 2010

So its a ASP.NET problem where two users using the same machine, same browser:

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id.

We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.

View 3 Replies View Related

Web Forms :: How To Prevent User From Logging In Twice To An Application

Mar 2, 2008

How to prevent user from logging in twice to an application

View 9 Replies View Related

MVC Application Fires Session_Start Multiple Times For A Single Session

Jul 29, 2010

We have an MVC.NET application that encounters fatal errors when it restarts. In our Session_Start event handler, we add the session id to a dictionary. In the Session_End handler, we remove it. Consider the following sequence of requests:

GET home.mvc
<application restarts>
GET main.css
GET banner.jpg
GET somedata.mvc
...

Because of the way the application is architected, this sort of sequence happens fairly frequently if you do a rebuild while the application is open in a browser window. That wouldn't be terribly concerning except that I see it in production environments too. For example, it will occur (albeit rarely) when you edit web.config.

The requests following the restart are all due to links in the home page or AJAX calls from JavaScript.

What I observe is that .NET handles the first 5 requests in parallel. Each such request causes it to fire the Session_Start event. After a short time, it fires the Session_End event 3 times. To be clear, each Session_Start corresponds to the exact same session. They all have the same session id and the IsNewSession property is true for all session state objects. Also, the Session_End events do not correspond to the session being killed. The session persists, along with any data stored in session state.

I need to either prevent it from firing Session_Start more than once or figure out how to tell when Session_End doesn't really mean that the session has ended.

View 2 Replies View Related

Security :: How To Prevent New Users From Logging In Immediately / Account Approval

Jul 17, 2010

I am implementing strightforward membership provider. I do not want new users to be able to login without being approved.

I have tried the setting on the registration wizard called DisableCreatedUser="True" and this does not work.

I also set LoginCreatedUser to False, and the user still gets logged in.

If I look in the SQL membership table, 'IsApproved' is set to 0 for the account, but they can still login.

View 9 Replies View Related

Prevent Multiple Logons For A Single User?

Jan 26, 2010

I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.

I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.

Am I missing a trick, is there a better way to prevent the same username logging on from multiple different locations?

View 2 Replies View Related

Security :: Membership - Single User For Multiple Application And Different Role In Each Application

Jan 30, 2010

I have two .NET applications X and Y

a. I want to have User A as a common user for both application X and Y.
b. User A can have different roles on X and Y. Eg. Read permission on Y and Write Permission on Y.

How do i configure ASP.NET membership to achieve about functionality.

View 3 Replies View Related

VS 2008 - Prevent The Same User Logging In Twice?

Feb 1, 2011

I am using standard ASP.net security and want to how I go about prventing the same user from logging in twice.

If the user is already logged in and they log in again what I want to happen is for them to cancel the previous session and log that session out.

Can this be written into the webconfig file as part of the membership profile? I have tried to find this and it does not seem to be possible.

View 6 Replies View Related

Security :: Lock A Account After A User Enters The Password Too Many Times?

Jan 26, 2011

Do anyone knows how to lock a account after a user enters the password too many times.

View 3 Replies View Related

Web Forms :: Can A Login Control Event Be Used To Prevent User From Logging In Twice

Jul 23, 2010

I am using asp.net membership and the login control. I would like to prevent a user from logging in with the same use rname if they are already logged in. I would like to place code in the LoggingIn or Authenticate event of the login control to check whether the user is login and prevent them from logging in again. Any ideas on the best way to do this?

View 22 Replies View Related

MVC :: How To Apply Custom Validator Multiple Times On A Single Property

Jan 21, 2011

i want to apply my custom validator multiple times on a single property. i am using mvc 3 unobtrusive js for validations.i have tried this solution
http://www.paraesthesia.com/archive/2010/03/02/the-importance-of-typeid-in-asp.net-mvc-dataannotations-validation-attributes.aspx , but not working for me.I am getting error like this : "Validation type names in unobtrusive client validation rules must be unique."

View 7 Replies View Related

JQuery :: Same Validation Rule Multiple Times On Single Field?

Feb 8, 2011

Is it possible that i can use same validation rules more than one time on same field in jquery ?

For ex. if i have one textbox and i want to validate it. can i use two regular expression which can be checked one after another ?

View 3 Replies View Related

Configuration :: Adding Multiple Domains To Single Hosting Account

Mar 27, 2011

How do we reference different domains from single hosting account.At present i have put files related to different domains in their respective folders and named them accordingly with index.htm in each folder.

how do we connect different domains to the related folders.

using asp.net and c#is there any way to point different domains to single hosting account programatically using asp.net and c#

View 4 Replies View Related

SQL Reporting :: Using ReportViewer.LocalReport.Render() Method To Export Single Report Multiple Times?

Oct 21, 2010

I'm using the ReportViewer control on my .aspx page which displays a single report based on various user parameter selections. Dropdown2 is dependent on the DropDown1 selection (i.e. the user selects Unit A from DropDown1 and that results in 10 selections under Dropdown2, or the user selects Unit B from DropDown1 and that results in 15 selections under DropDown2, and so on). The user makes the selections, clicks the "Run Report" button, and the report displays as expected. The user then can export to Excel or PDF

I've received a request to allow users to run the report for all possible selections and export to their desired format rather than having to run the report for each separate DropDown1 and DropDown2 selection. So in other words, they don't even want to see the report on the screen, they just want to be able to click a button that runs the report for all possible parameter selections and export it to a single Excel or PDF document.

View 1 Replies View Related

C# - Deploy .net Web Application Multiple Times On The Same Server?

Mar 16, 2010

I have a ASP.NET 3.5 web application and I would like to allow users to install this web application multiple times on the same server.

--------
WebApp1 - database1
WebApp2 - database2
WebApp3 - database3

View 2 Replies View Related

Security :: Detect Multiple User Logging Into The Same Domain In One Browser?

Jul 12, 2010

Two users using the same machine, same browser.

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id. We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.

2. Always include a hidden field in page to indicate which user owns the page.

View 1 Replies View Related

Configuration :: How Many App Domain Created When Multiple Instance Of Multiple Application Is Running On Single

Jan 12, 2011

below written question :

1.) What is the name of the OS process in which App Domain resides.

2.)if suppose There are Three Windows application hosted on a same envoirment and two instance is working for each application at a Time, means now total instance are six .what will happen among the below written cases :

a.) There will be six different app domain in a single OS process

b.) There will three app domain(one for each application) in a single OS process and some Parallel thread will be executed in each app domain for another instance.

c.) There will be Three OS process corresponding to each application.

3.) If eveything will remain same except there are three web application in place of windows in point 2, will there be any change in functioning.

View 1 Replies View Related

MVC :: Application_start Event Called Multiple Times In Application

Sep 15, 2010

In my MVC application ,I am updating my web.config at runtime through application_start event.So, ideally it should be done only when the application is started.BUT in MY mvc application the application_start event of global.asax is being called multiple
times , even when i have not restarted the application.

Its being repetadly called when i am calling different actions , so the webconfig is repetedly updating & making my application very very slow. what's the reason & how to handle this .

View 2 Replies View Related

C# - Application Running Under A Less Privileged Account Start A Process Executing Another Application Under An Administrative Account?

Mar 9, 2011

I am logged in as the administrator when I installed an application named pdflatex.exe on my server. This application works as a converter from LaTeX input file to Pdf file. I host an Asp.net MVC 3 application running under an Application Pool Identity with Load User Profile = True. The Asp.net MVC 3 code contains a code that executes pdflatex.exe using System.Diagnostic.Process instance as follows:

Process p = new Process();
p.EnableRaisingEvents = true;
p.Exited += new EventHandler(p_Exited);
p.StartInfo.Arguments = "-interaction=nonstopmode " + inputpath;
p.StartInfo.WorkingDirectory = @"c:mydomain.comworking";
p.StartInfo.UseShellExecute = false;
p.StartInfo.FileName = "pdflatex.exe";
p.Start();
p.WaitForExit();

From the scenario above, the web application runs under a restricted acount but it executes an external application under a default account that I don't know. Can an application running under a less privileged account start a process executing another application under an administrative account?

View 2 Replies View Related

Performance - What Logging Listener Should Be Used In Production ( Logging Application Block)

Sep 10, 2010

I'm using MS Enterprise Logging Application Block in an ASP.NET website.

For production launch, I will set up a log listener in one of these locations:

Sql Server database
Windows event log
Text files

Which has the least impact on performance?

NB - I can't switch to Log4Net or ELMAH at this point, so don't suggest that in your response.

View 3 Replies View Related

How To Display Infomation Onto The Application About The User Account

Mar 16, 2010

I have a website that has a login (Like most websites xD) This then obviosly fetches information from a database and loads it on the page. (EG. Welcome "Display Name")

I have designed and coded a application for my site you can use the features from my web on your desktop, I have added a login (required to use the application) and a register. Both login and register work (Fetching information from the database and writing to the database).

Now I have those out of the way I'm now onto the main part of my program which is to display infomation onto the application about the user account. This could include editing the user account, uploading content to the website or viewing content from the website.. (Sorry but I'd like to explain how I have certain things to get the point across clearly )

Anyway how would I create a sort of session? Like PHP, once you login you can grab information from the database based on the information submitted from the login which was fetched from the database.. When the user presses login on my application it brings them to the main part of the application but I'm now unsure how to load variables and/or session data.

(Side note, I have also sha encryption on my website in the register/login, at the moment VB reads the information from the textbox as normal text is there anyway I can get it to read the sha encryption? and also insert data into the database with this encryption?) - This question is optional.

View 7 Replies View Related

How To Prevent Multiple Login For Same User

Jun 19, 2010

I want to prevent multiple user login for same user in asp.net.. How can I achieve. Note: I want to control without database concepts

View 2 Replies View Related

C# - How To Prevent Multiple Logins Of Same User Id

Apr 8, 2010

how to prevent multiple user to be logged in at a time using a user id ?

I searched the internet and found some ways but somehow they do not work in these situations:

If javascript in brower is turned off.

If user do not click logout and directly close brower.

View 4 Replies View Related

Getting Email Account Of A Particular User Of Outlook Express In To .NET Application?

Nov 1, 2008

I want to retrieve the a particular user email account of outlook express in to my .net application.

View 3 Replies View Related

MVC :: Multiple Domains In Single Application

Aug 25, 2010

I want to use my asp.net mvc application with multiple domains (maybe of hundreds),

so I have created custom Route class that matches requests including domain.

Each domain could has different routes, so the number of routes in RouteTable can be huge

(eg 500 domains, each 20 routes = 10000 routes in RouteTable).

I am considering how it will be efficient?

I have an idea to replace RouteTable.Routes (of type RouteCollection)

with custom one (of type Dictionary<string, RouteCollection>).

But how I can override default route matching mechanism with my custom mechanism which will be two step:

1) retrieve RouteCollection from dictionary based on domain name

2) retrieve specyfic Route object (standard route matching mechanism)

How can I do this?

View 4 Replies View Related

Security :: Create User Account For Web Authentication From Non-web/local Application?

Sep 12, 2010

I have an application which is installed on local pc and is using SQL db. It is a client management system where I want to add capability to register new clients and give them access to my web site which is sharing the same SQL database with local application.

At the moment clients can register on the web site and I have ASP.NET authorisation system set up with aspnetdb_user, aspnetdb_membership and etc tables. But sometimes it happens that I need to register clients on my local application on PC and ideally would like that registration to create online account for the client as well. Then I want to be able to send him user id and password by email and let him know that he has been registered in my database and online account is ready for him as well.

Basically I want to have full synchronization between asp.net membership service and local application through SQL db. As I said both online and local apps are shareing the same SQL database. what would be the best practice to implement it.

View 1 Replies View Related

Security :: Prevent Multiple Concurrent User Logins For The Same UserName

Jun 2, 2010

My application is windows authenticated. The application pulls JUST the userName from the current windows account. Then I provide site access to this user depending on his account privileges. If his userName belongs to the admins list he is directed to admin screens. If his username belongs to users list he is directed to users screens. I handle this security in C# and some SQL tables(No membership provider and no Active directory security in the app).

I need to be able to prevent multiple concurrent logins for the same userName.

View 4 Replies View Related

Single Application, Multiple Domains Pointing To Subfolders

Nov 7, 2008

I'm sorry if this is the wrong place for this... mods, could you please move it to somewhere more appropriate if this is wrong?

I have an asp.net application. The root is nothing more than a welcome page, a login page, and my configuration stuff (web.config, bin, app_code, CSS folder...)

In the root, I have multiple subfolders that correspond to different unique domain names.

Is there a way I can point each unique domain name to specific subfolders without having to setup multiple sites in IIS or making each subfolder its own application root?

www.default.com should land on http://myIP

www.UniqueDomain1.com should land on http://myIP/Subfolder1

etc...

If this is possible, does anyone have any comments as to whether or not this is a bad idea?

View 2 Replies View Related

Security :: Single Sign On IIS 7 Multiple Application Pool

Oct 20, 2010

We migrated our web server to window server 2008, IIS 7.

We have single sign on application - that we login through one application called "users" and then no need to login to other applications, they all use the same machine key and cookie.

it works fine when all then applications under the same application pool.

but we have one application that is asp.net 2005. (the rest are asp.net 2003) the user application is in asp.net 2003 and that other application is in asp.net 2005.

so each application is in a different application pool. -

one pool to asp.net 1.1 and other pool to asp.net 2.

when I run the asp.net 2005 application

I get the login page and after I login I get the following errer:

HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.

Requested Url: /users/Unauthorised.aspx

Important: If I switch the "user" application (the login) to work under the same pool as my asp.net 2005 application, then it works fine with the asp.net 2005 application,but I get the above error for the asp.net 2003 applications

All this happened after we switched to IIS 7 Windows 2008, with IIS 6 it works great!

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved