Tracking Forums, Newsgroups, Maling Lists
Home Submit Tracker Forums
  Advanced Search
  HOME    TRACKER    ASP.NET


Advertisements:










Asp.net - To Prevent A Single User Account Logging On Multiple Times In A Webforms Application


I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.


View 2 Replies (Posted: Dec 16, 2010 02:02 PM)

Sponsored Links:

Related Forum Messages For ASP.NET category:
How To Prevent Logging An Error Multiple Times
I have a pretty general .NET exception handling question, it's not necessarily specific to ASP.NET. In my application I'm doing something like:

[code]...

So I'd like to log the error only once, when it first occurs and then throw it up the exception stack until it gets to the top level where the exception or some more user-friendly error is displayed to the user. But how do I log it only once? How do I know it hasn't been logged before?

Posted: May 08, 2009 02:38 AM

View 4 Replies!   View Related
Prevent Multiple User Logging Into The Same Domain Using The Same Browser?
So its a ASP.NET problem where two users using the same machine, same browser:

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id.

We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.

Posted: Jul 10 10 at 14:38

View 3 Replies!   View Related
Web Forms :: How To Prevent User From Logging In Twice To An Application
How to prevent user from logging in twice to an application

Posted: Mar 02, 2008 02:33 PM

View 9 Replies!   View Related
MVC Application Fires Session_Start Multiple Times For A Single Session
We have an MVC.NET application that encounters fatal errors when it restarts. In our Session_Start event handler, we add the session id to a dictionary. In the Session_End handler, we remove it. Consider the following sequence of requests:

GET home.mvc
<application restarts>
GET main.css
GET banner.jpg
GET somedata.mvc
...

Because of the way the application is architected, this sort of sequence happens fairly frequently if you do a rebuild while the application is open in a browser window. That wouldn't be terribly concerning except that I see it in production environments too. For example, it will occur (albeit rarely) when you edit web.config.

The requests following the restart are all due to links in the home page or AJAX calls from JavaScript.

What I observe is that .NET handles the first 5 requests in parallel. Each such request causes it to fire the Session_Start event. After a short time, it fires the Session_End event 3 times. To be clear, each Session_Start corresponds to the exact same session. They all have the same session id and the IsNewSession property is true for all session state objects. Also, the Session_End events do not correspond to the session being killed. The session persists, along with any data stored in session state.

I need to either prevent it from firing Session_Start more than once or figure out how to tell when Session_End doesn't really mean that the session has ended.

Posted: Jul 29 10 at 18:46

View 2 Replies!   View Related
Security :: How To Prevent New Users From Logging In Immediately / Account Approval
I amimplementing strightforward membership provider. Ido not want new users to be able to login without being approved.

I have tried the setting on theregistration wizard calledDisableCreatedUser="True" and this does not work.

I also set LoginCreatedUser to False, and the user still gets logged in.

If I look in the SQL membership table, 'IsApproved' is set to 0 for the account, but they can still login.

Posted: Jul 17, 2010 07:25 PM

View 9 Replies!   View Related
Prevent Multiple Logons For A Single User?
I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.

I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.

Am I missing a trick, is there a better way to prevent the same username logging on from multiple different locations?

Posted: Jan 26 10 at 9:33

View 2 Replies!   View Related
Security :: Membership - Single User For Multiple Application And Different Role In Each Application
I have two .NET applications X and Y

a. I want to have User A as a common user for both application X and Y.
b. User A can have different roles on X and Y. Eg. Read permission on Y and Write Permission on Y.

How do i configure ASP.NET membership to achieve about functionality.

Posted: Jan 30, 2010 09:51 AM

View 3 Replies!   View Related
VS 2008 - Prevent The Same User Logging In Twice?
I am using standard ASP.net security and want to how I go about prventing the same user from logging in twice.

If the user is already logged in and they log in again what I want to happen is for them to cancel the previous session and log that session out.

Can this be written into the webconfig file as part of the membership profile? I have tried to find this and it does not seem to be possible.

Posted: Feb 1st, 2011, 09:25 AM

View 6 Replies!   View Related
Security :: Lock A Account After A User Enters The Password Too Many Times?
Do anyone knows how tolock a account after a userenters the password too many times.

Posted: Jan 26, 2011 12:16 AM

View 3 Replies!   View Related
Web Forms :: Can A Login Control Event Be Used To Prevent User From Logging In Twice
I am using asp.net membership and the login control. I would like to prevent a user from logging in with the same use rname if they are already logged in. I would like to place code in the LoggingIn or Authenticate event of the login control to check whether the user is login and prevent them from logging in again. Any ideas on the best way to do this?

Posted: Jul 23, 2010 12:02 PM

View 22 Replies!   View Related
MVC :: How To Apply Custom Validator Multiple Times On A Single Property
i want to apply my custom validator multiple times on a single property. i am using mvc 3 unobtrusive js for validations.i have tried this solution
http://www.paraesthesia.com/archive/2010/03/02/the-importance-of-typeid-in-asp.net-mvc-dataannotations-validation-attributes.aspx, but not working for me.Iam getting error like this : "Validation type names in unobtrusive client validation rules must be unique."

Posted: Jan 21, 2011 08:12 AM

View 7 Replies!   View Related
JQuery :: Same Validation Rule Multiple Times On Single Field?
Is it possible that i can use same validation rules more than one timeon same fieldin jquery ?

For ex. if i have one textbox and i want to validate it. can i use two regular expression which can be checked one after another ?

Posted: Feb 08, 2011 10:43 AM

View 3 Replies!   View Related
Configuration :: Adding Multiple Domains To Single Hosting Account
How do we reference different domains from single hosting account.At present i have put files related to different domains in their respective folders and named them accordingly with index.htm in each folder.

how do we connect different domains to the related folders.

using asp.net and c#is there any way to point different domains to single hosting account programatically using asp.net and c#

Posted: Mar 27, 2011 09:17 PM

View 4 Replies!   View Related
SQL Reporting :: Using ReportViewer.LocalReport.Render() Method To Export Single Report Multiple Times?
I'm using the ReportViewer control on my .aspx page which displays a single report based on various user parameter selections. Dropdown2 is dependent on the DropDown1 selection (i.e. the user selects Unit A from DropDown1 and that results in 10 selections under Dropdown2, or the user selects Unit B from DropDown1 and that results in 15 selections under DropDown2, and so on). The user makes the selections, clicks the "Run Report" button, and the report displays as expected. The user then can export to Excel or PDF

I've received a request to allow users to run the report for all possible selections and export to their desired format rather than having to run the report for each separate DropDown1 and DropDown2 selection. So in other words, they don't even want to see the report on the screen, they just want to be able to click a button that runs the report for all possible parameter selections and export it to a single Excel or PDF document.

Posted: Oct 21, 2010 05:09 PM

View 1 Replies!   View Related
C# - Deploy .net Web Application Multiple Times On The Same Server?
I have a ASP.NET 3.5 web application and I would like to allow users to install this web application multiple times on the same server.

--------
WebApp1 - database1
WebApp2 - database2
WebApp3 - database3

Posted: Mar 16 10 at 8:30

View 2 Replies!   View Related
Security :: Detect Multiple User Logging Into The Same Domain In One Browser?
Two users using the same machine, same browser.

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id. We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.

2. Always include a hidden field in page to indicate which user owns the page.

Posted: Jul 12, 2010 01:48 PM

View 1 Replies!   View Related
Configuration :: How Many App Domain Created When Multiple Instance Of Multiple Application Is Running On Single
below written question :

1.) What is the name of the OS process in which App Domain resides.

2.)if suppose There are Three Windows application hosted on a same envoirment and two instance is working for each application at a Time, means now total instance are six .what will happen among the below written cases :

a.) There will be six different app domain in a single OS process

b.) There will three app domain(one for each application) in a single OS process and some Parallel thread will be executed in each app domain for another instance.

c.) There will be Three OS process corresponding to each application.

3.) If eveything will remain same except there are three web application in place of windows in point 2, will there be any change in functioning.

Posted: Jan 12, 2011 09:06 AM

View 1 Replies!   View Related
MVC :: Application_start Event Called Multiple Times In Application
In my MVC application ,Iam updating my web.configat runtime through application_start event.So, ideallyit should be done only when the application is started.BUT in MY mvcapplication the application_start event of global.asax is being called multiple
times , even when i have not restarted the application.

Its being repetadly called when iam calling different actions, so the webconfig is repetedly updating & making my application very very slow. what's the reason & how to handle this .

Posted: Sep 15, 2010 07:15 AM

View 2 Replies!   View Related
C# - Application Running Under A Less Privileged Account Start A Process Executing Another Application Under An Administrative Account?
I am logged in as the administrator when I installed an application named pdflatex.exe on my server. This application works as a converter from LaTeX input file to Pdf file. I host an Asp.net MVC 3 application running under an Application Pool Identity with Load User Profile = True. The Asp.net MVC 3 code contains a code that executes pdflatex.exe using System.Diagnostic.Process instance as follows:

Process p = new Process();
p.EnableRaisingEvents = true;
p.Exited += new EventHandler(p_Exited);
p.StartInfo.Arguments = "-interaction=nonstopmode " + inputpath;
p.StartInfo.WorkingDirectory = @"c:mydomain.comworking";
p.StartInfo.UseShellExecute = false;
p.StartInfo.FileName = "pdflatex.exe";
p.Start();
p.WaitForExit();

From the scenario above, the web application runs under a restricted acount but it executes an external application under a default account that I don't know. Can an application running under a less privileged account start a process executing another application under an administrative account?

Posted: Mar 9 at 3:59

View 2 Replies!   View Related
Performance - What Logging Listener Should Be Used In Production ( Logging Application Block)
I'm using MS Enterprise Logging Application Block in an ASP.NET website.

For production launch, I will set up a log listener in one of these locations:

Sql Server database
Windows event log
Text files

Which has the least impact on performance?

NB - I can't switch to Log4Net or ELMAH at this point, so don't suggest that in your response.

Posted: Sep 10 10 at 16:53

View 3 Replies!   View Related
How To Display Infomation Onto The Application About The User Account
I have a website that has a login (Like most websites xD) This then obviosly fetches information from a database and loads it on the page. (EG. Welcome "Display Name")

I have designed and coded a application for my site you can use the features from my web on your desktop, I have added a login (required to use the application) and a register. Both login and register work (Fetching information from the database and writing to the database).

Now I have those out of the way I'm now onto the main part of my program which is to display infomation onto the application about the user account. This could include editing the user account, uploading content to the website or viewing content from the website.. (Sorry but I'd like to explain how I have certain things to get the point across clearly )

Anyway how would I create a sort of session? Like PHP, once you login you can grab information from the database based on the information submitted from the login which was fetched from the database.. When the user presses login on my application it brings them to the main part of the application but I'm now unsure how to load variables and/or session data.

(Side note, I have also sha encryption on my website in the register/login, at the moment VB reads the information from the textbox as normal text is there anyway I can get it to read the sha encryption? and also insert data into the database with this encryption?) - This question is optional.

Posted: Mar 16th, 2010, 09:47 PM

View 7 Replies!   View Related
How To Prevent Multiple Login For Same User
I want to prevent multiple user login for same user in asp.net.. How can I achieve. Note: I want to control without database concepts

Posted: Jun 19 10

View 2 Replies!   View Related
C# - How To Prevent Multiple Logins Of Same User Id
how to prevent multiple user to be logged in at a time using a user id ?

I searched the internet and found some ways but somehow they do not work in these situations:

If javascript in brower is turned off.

If user do not click logout and directly close brower.

Posted: Apr 8 10 at 10:35

View 4 Replies!   View Related
Getting Email Account Of A Particular User Of Outlook Express In To .NET Application?
I want to retrieve the a particular user email account of outlook express in to my .net application.

Posted: Nov 01, 2008 06:24 AM

View 3 Replies!   View Related
MVC :: Multiple Domains In Single Application
I want touse my asp.net mvc application with multiple domains (maybe of hundreds),

so I have created custom Route classthat matches requests including domain.

Each domain could has different routes, so the number of routes in RouteTable can be huge

(eg 500 domains, each 20 routes = 10000 routes in RouteTable).

I am considering how it will be efficient?

I have an idea to replace RouteTable.Routes (of type RouteCollection)

with custom one(of type Dictionary<string, RouteCollection>).

But how I can override default route matching mechanism with my custom mechanism which will be two step:

1)retrieveRouteCollection from dictionary based on domain name

2) retrieve specyfic Route object (standard route matching mechanism)

How can I do this?

Posted: Aug 25, 2010 11:11 AM

View 4 Replies!   View Related
Security :: Create User Account For Web Authentication From Non-web/local Application?
I have an application which is installed on local pc and is using SQL db. It is aclient management system where Iwant to add capability toregister new clients andgive them access tomyweb site which is sharing the same SQL database with local application.

At the moment clients can register on the web site andI have ASP.NET authorisation system set up with aspnetdb_user, aspnetdb_membership and etc tables. But sometimes it happens that I need to register clients on my local application on PC and ideally would likethat registrationto create online account for the client as well. Then I want to be able to send him user id and passwordby email and let him knowthat he has been registered in my database and online account is ready for him as well.

Basically I want to have full synchronization between asp.net membership service and local application through SQL db. AsI said both online and local apps are shareing the sameSQL database. what would be the best practice to implement it.

Posted: Sep 12, 2010 10:12 AM

View 1 Replies!   View Related
Security :: Prevent Multiple Concurrent User Logins For The Same UserName
My application is windows authenticated. The application pulls JUST the userName from the current windows account. Then I provide site access to this user depending on his account privileges. If his userName belongs to the admins list he is directed to admin screens. If his username belongs to users list he is directed to users screens. I handle this security in C# and some SQL tables(No membership provider and no Active directory security in the app).

I need to be able to prevent multiple concurrent logins for the same userName.

Posted: Jun 02, 2010 06:47 PM

View 4 Replies!   View Related
Single Application, Multiple Domains Pointing To Subfolders
I'm sorry if this is the wrong place for this... mods, could you please move it to somewhere more appropriate if this is wrong?

I have an asp.net application. The root is nothing more than a welcome page, a login page, and my configuration stuff (web.config, bin, app_code, CSS folder...)

In the root, I have multiple subfolders that correspond to different unique domain names.

Is there a way I can point each unique domain name to specific subfolders without having to setup multiple sites in IIS or making each subfolder its own application root?

www.default.com should land on http://myIP

www.UniqueDomain1.com should land on http://myIP/Subfolder1

etc...

If this is possible, does anyone have any comments as to whether or not this is a bad idea?

Posted: Nov 07, 2008 03:06 PM

View 2 Replies!   View Related
Security :: Single Sign On IIS 7 Multiple Application Pool
We migrated our web server to window server 2008, IIS 7.

Wehave single sign on application - that we login through one application called "users"and then no need to login to other applications, they all use the same machine key and cookie.

it works fine when all then applications under the same application pool.

but we have one application that is asp.net 2005. (the rest are asp.net 2003)the user application is in asp.net 2003 and that other application is in asp.net 2005.

so each application is in a different application pool. -

one pool to asp.net 1.1 and other pool to asp.net 2.

when I run the asp.net 2005 application

I get the login page and after I login I get the following errer:

HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.

Requested Url: /users/Unauthorised.aspx

Important: If I switch the "user" application (the login) to work under the same pool as my asp.net 2005 application, then it works fine with the asp.net 2005 application,but I get the above error for the asp.net 2003 applications

All this happened after we switched to IIS 7 Windows 2008, with IIS 6 it works great!

Posted: Oct 20, 2010 12:25 PM

View 2 Replies!   View Related
Turning A Single Instance Web Application Into Multiple Instances - Concept?
Here is a conceptual questions that I was going over the last few days. I have a simple application that I want to turn into a hosted solution.

My take on it is that in a sense each record in the database would have its own ID representing the hosted instance of the application, rather

than installing the application each time a new one is needed. Then I can easily differentiate between the instances, however I don't want to

store the instance ID in a session (bad for URL back links etc.) and don't really want to add it as part of the URL.

What would you suggest ?

Another part of the question would be how to pragmatically create a sub-domain representing the application instance, however that's a

Whole different question J

Posted: Feb 11, 2010 03:34 PM

View 2 Replies!   View Related
ADO.NET :: Need To Make A Field For Account Type In User Account Table?
Do I just need to make a field for account type in my user account table? In a technical way, if(account type = admin) then the account would log as admin; otherwise, a user with less privileges.

Posted: Feb 02, 2011 07:50 AM

View 7 Replies!   View Related
State Management :: Sessions Got Mixed Up When Open Multiple Tab For A Single Application
We got a problem that Sessions got mixed up when open multiple tab in a single application. We could change the code that do not use session variable in a that level, but a tons of page need to be modified. We need to find a quick fix for this problem. Is any thing we can do in code level to prevent user open multiple tab in a single application? O any thing we can do to keep its own session for a single tab?

Posted: Sep 10, 2010 03:13 PM

View 6 Replies!   View Related
Webforms Site Using HTTPCookie With 100 Year Timeout Times Out After 20 Minutes
I have a site that is using Forms Auth. The client does not want the site session to expire at all for users. In the login page codebehind, the following code is used:

// user passed validation
FormsAuthentication.Initialize();
// grab the user's roles out of the database
String strRole = AssignRoles(UserName.Text);
// creates forms auth ticket with expiration date of 100 years from now and make it persistent
FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1,
UserName.Text, DateTime.Now,
DateTime.Now.AddYears(100), true, strRole,
FormsAuthentication.FormsCookiePath);
// create a cookie and throw the ticket in there, set expiration date to 100 years from now
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(fat)) { Expires = DateTime.Now.AddYears(100) };
// add the cookie to the response queue
Response.Cookies.Add(cookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl(UserName.Text, false));

The web.config file auth section looks like this:

<authentication mode="Forms">
<forms name="APLOnlineCompliance" loginUrl="~/Login.aspx" defaultUrl="~/Course/CourseViewer.aspx" />
</authentication>

When I log into the site I do see the cookie correctly being sent to the browser and passed back up: However, when I walk away for 20 minutes or so, come back and try to do anything on the site, the login window reappears. This solution was working for a while on our servers - now it's back. The problem doesn't occur on my local dev box running Cassini in VS2008.

Posted: Jun 11 10 at 20:20

View 3 Replies!   View Related
Web Forms :: Multiple Layout Varieties For A Single User Control?
I have a user control that contains an image of a product along with some product details.

If the product image is landscape, I want to render the control one way, and if the product image is portrait, I want to render the control a second way.

Example HTML Layouts (drastically simplified):

<div><table><tr><td>
<p><strong>XXXXXX</strong></p>
</td></tr><table></div>

versus

<div><table><tr><td>
<p><em>XXXXXX</em></p>
</td></tr><table></div>

Right now, both layouts are rendered. How can I conditionally renderone layoutand notthe other?

Posted: Feb 02, 2010 02:25 PM

View 13 Replies!   View Related
Web User Control With Javascript Used Multiple Times On A Page - How To Make Javascript Functions Point At The Correct Controls
I think I summed up the question in the title. Here is some further elaboration...I have a web user control that is used in multiple places, sometimes more than once on a given page.The web user control has a specific set of JavaScript functions (mostly jQuery code) that are containted within *.js files and automatically inserted into page headers.However, when I want to use the control more than once on a page, the *.js files are included 'n' number of times and, rightly so, the browser gets confused as to which control it's meant to be executing which function on.What do I need to do in order to resolve this problem? I've been staring at this all day and I'm at a loss.

Posted: Apr 12 10 at 21:08

View 2 Replies!   View Related
How To Prevent Button Click 2 Times In Update Panel
I have a button which is in update panel. When I click on button then it click event run two times. How can I prevent second time click event?

Posted: Mar 17 10 at 16:56

View 3 Replies!   View Related
Web Forms :: How To Prevent A Aspx Page_load In VC# Load 2 Times
I added a breakpoint insides protected void Page_Load(object sender, EventArgs e) {}And I saw that the Page_Load would execute 2 times when loading a page. As I have an insert sql in the page load, it insert 2 times of data when the page is open.How should I fix it?I use ASP.NET and VC#

Posted: Sep 17, 2009 06:33 AM

View 1 Replies!   View Related
SelectMethod In ObjectDatasource Getting Called Multiple Times With Multiple Datapagerfield?
so here is the setup. I am building a page that has a listview, a datapager, and 3 datapagerfield (2 x NextPreviousPagerField, 1 x NumericPagerField), and a objectdatasource to tide all of this together.

It was all working fine until I put a breakpoint into the SelectMethod specified in the objectdatsource control. It seems like that for each datapagerfield control, it is calling the selectmethod and selectcount method. Hence, whenever a user paged, it calls the database 6 times instead of 2 (I don't have caching turned on atm). If I remove one datapagerfield, it will remove 2 calls.

Now this is build in asp.net 3.5 SP1 in VS2008. When I copied the same code files to a asp.net 4.0 VS2010 solution, it duplicate call seems to be gone.

Is this a bug in asp.net 3.5 SP1?

Posted: Oct 7 10 at 19:15

View 1 Replies!   View Related
C# - End User To Use My Silverlight Media Player Application In Browser To Play The File, Prevent Them From Download To Local Directly?
I am using VSTS 2008 + C# + .Net 3.5 + Silverlight 3.0 + ASP.Net to develop a Silverlight application (a video media player) in browser and the function is simple, just use MediaElement to play a remote video file.The remote server is Windows Server 2008 + IIS 7.0 + IIS Media Bit Rate Throttling Control.Since the request media URL can be discovered (e.g. from traffic sniffer), and I want to know how to prevent from download directly from the Url? i.e. I want end user to use my Silverlight media player application in browser to play the file, prevent them from download to local directly. Any easy and quick solution or reference code/documents?

Posted: Mar 4 10 at 4:47

View 5 Replies!   View Related
Copyright 2005-08 www.BigResource.com, All rights reserved