Asp.net - To Prevent A Single User Account Logging On Multiple Times In A Webforms Application

Dec 16, 2010

I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.

View 2 Replies


Similar Messages:

Prevent Multiple User Logging Into The Same Domain Using The Same Browser?

Jul 10, 2010

So its a ASP.NET problem where two users using the same machine, same browser:

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id.

We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.
2. Always include a hidden field in page to indicate which user owns the page.

View 3 Replies

MVC Application Fires Session_Start Multiple Times For A Single Session

Jul 29, 2010

We have an MVC.NET application that encounters fatal errors when it restarts. In our Session_Start event handler, we add the session id to a dictionary. In the Session_End handler, we remove it. Consider the following sequence of requests:

GET home.mvc
<application restarts>
GET main.css
GET banner.jpg
GET somedata.mvc
...

Because of the way the application is architected, this sort of sequence happens fairly frequently if you do a rebuild while the application is open in a browser window. That wouldn't be terribly concerning except that I see it in production environments too. For example, it will occur (albeit rarely) when you edit web.config.

The requests following the restart are all due to links in the home page or AJAX calls from JavaScript.

What I observe is that .NET handles the first 5 requests in parallel. Each such request causes it to fire the Session_Start event. After a short time, it fires the Session_End event 3 times. To be clear, each Session_Start corresponds to the exact same session. They all have the same session id and the IsNewSession property is true for all session state objects. Also, the Session_End events do not correspond to the session being killed. The session persists, along with any data stored in session state.

I need to either prevent it from firing Session_Start more than once or figure out how to tell when Session_End doesn't really mean that the session has ended.

View 2 Replies

Security :: How To Prevent New Users From Logging In Immediately / Account Approval

Jul 17, 2010

I am implementing strightforward membership provider. I do not want new users to be able to login without being approved.

I have tried the setting on the registration wizard called DisableCreatedUser="True" and this does not work.

I also set LoginCreatedUser to False, and the user still gets logged in.

If I look in the SQL membership table, 'IsApproved' is set to 0 for the account, but they can still login.

View 9 Replies

Prevent Multiple Logons For A Single User?

Jan 26, 2010

I am looking at how best to prevent a single user account logging on multiple times in a webforms application. I know that MembershipUser.IsOnline exists, but I've read a few forum and blog entries suggesting that this can be unreliable, particularly in scenarios where a user closes a browser (without logging out) and attempts to logon with a different machine or browser.

I looked at implementing a last past the post type system; when a user logs on older users are simply kicked off. It seems that FormsAuthentication.Signout() only works for the current user.

Am I missing a trick, is there a better way to prevent the same username logging on from multiple different locations?

View 2 Replies

Security :: Membership - Single User For Multiple Application And Different Role In Each Application

Jan 30, 2010

I have two .NET applications X and Y

a. I want to have User A as a common user for both application X and Y.
b. User A can have different roles on X and Y. Eg. Read permission on Y and Write Permission on Y.

How do i configure ASP.NET membership to achieve about functionality.

View 3 Replies

VS 2008 - Prevent The Same User Logging In Twice?

Feb 1, 2011

I am using standard ASP.net security and want to how I go about prventing the same user from logging in twice.

If the user is already logged in and they log in again what I want to happen is for them to cancel the previous session and log that session out.

Can this be written into the webconfig file as part of the membership profile? I have tried to find this and it does not seem to be possible.

View 6 Replies

Prevent Unauthenticated Users To Vote Like Multiple Times

Jan 26, 2014

How can we prevent non ahuthenticated users from like and dislike multiple times?one way : save Ip address in a cookiebut theres's two problem1. I heard Ip address isn't unique and changes frequently2. cookie can be deleted by userI'd .

View 1 Replies

Security :: Lock A Account After A User Enters The Password Too Many Times?

Jan 26, 2011

Do anyone knows how to lock a account after a user enters the password too many times.

View 3 Replies

Web Forms :: Can A Login Control Event Be Used To Prevent User From Logging In Twice

Jul 23, 2010

I am using asp.net membership and the login control. I would like to prevent a user from logging in with the same use rname if they are already logged in. I would like to place code in the LoggingIn or Authenticate event of the login control to check whether the user is login and prevent them from logging in again. Any ideas on the best way to do this?

View 22 Replies

MVC :: How To Apply Custom Validator Multiple Times On A Single Property

Jan 21, 2011

i want to apply my custom validator multiple times on a single property. i am using mvc 3 unobtrusive js for validations.i have tried this solution
http://www.paraesthesia.com/archive/2010/03/02/the-importance-of-typeid-in-asp.net-mvc-dataannotations-validation-attributes.aspx , but not working for me.I am getting error like this : "Validation type names in unobtrusive client validation rules must be unique."

View 7 Replies

JQuery :: Same Validation Rule Multiple Times On Single Field?

Feb 8, 2011

Is it possible that i can use same validation rules more than one time on same field in jquery ?

For ex. if i have one textbox and i want to validate it. can i use two regular expression which can be checked one after another ?

View 3 Replies

Configuration :: Adding Multiple Domains To Single Hosting Account

Mar 27, 2011

How do we reference different domains from single hosting account.At present i have put files related to different domains in their respective folders and named them accordingly with index.htm in each folder.

how do we connect different domains to the related folders.

using asp.net and c#is there any way to point different domains to single hosting account programatically using asp.net and c#

View 4 Replies

SQL Reporting :: Using ReportViewer.LocalReport.Render() Method To Export Single Report Multiple Times?

Oct 21, 2010

I'm using the ReportViewer control on my .aspx page which displays a single report based on various user parameter selections. Dropdown2 is dependent on the DropDown1 selection (i.e. the user selects Unit A from DropDown1 and that results in 10 selections under Dropdown2, or the user selects Unit B from DropDown1 and that results in 15 selections under DropDown2, and so on). The user makes the selections, clicks the "Run Report" button, and the report displays as expected. The user then can export to Excel or PDF

I've received a request to allow users to run the report for all possible selections and export to their desired format rather than having to run the report for each separate DropDown1 and DropDown2 selection. So in other words, they don't even want to see the report on the screen, they just want to be able to click a button that runs the report for all possible parameter selections and export it to a single Excel or PDF document.

View 1 Replies

C# - Deploy .net Web Application Multiple Times On The Same Server?

Mar 16, 2010

I have a ASP.NET 3.5 web application and I would like to allow users to install this web application multiple times on the same server.

--------
WebApp1 - database1
WebApp2 - database2
WebApp3 - database3

View 2 Replies

MVC :: Application_start Event Called Multiple Times In Application

Sep 15, 2010

In my MVC application ,I am updating my web.config at runtime through application_start event.So, ideally it should be done only when the application is started.BUT in MY mvc application the application_start event of global.asax is being called multiple
times , even when i have not restarted the application.

Its being repetadly called when i am calling different actions , so the webconfig is repetedly updating & making my application very very slow. what's the reason & how to handle this .

View 2 Replies

Security :: Detect Multiple User Logging Into The Same Domain In One Browser?

Jul 12, 2010

Two users using the same machine, same browser.

User 1 logs in the domain.
User 1 changes some data without saving it.
User 2 logs in the domain in a separate tab.
User 1 switches back to his tab and saves the data.
User 1 actually saved the data into User 2!!

This is caused by the following mechanism:

Different tabs in the same browser seems to share the same session id. We are storing user auth in cookie and the cookie is shared between tabs (same domain)

Therefore, when User 1 request to save, it is recognized as User 2 since the cookie has been updated to User 2.

So I'm wondering if there's any other methods to prevent this from happening, other than:

1. Use cookieless session so the session is embedded in uri.

2. Always include a hidden field in page to indicate which user owns the page.

View 1 Replies

Configuration :: How Many App Domain Created When Multiple Instance Of Multiple Application Is Running On Single

Jan 12, 2011

below written question :

1.) What is the name of the OS process in which App Domain resides.

2.)if suppose There are Three Windows application hosted on a same envoirment and two instance is working for each application at a Time, means now total instance are six .what will happen among the below written cases :

a.) There will be six different app domain in a single OS process

b.) There will three app domain(one for each application) in a single OS process and some Parallel thread will be executed in each app domain for another instance.

c.) There will be Three OS process corresponding to each application.

3.) If eveything will remain same except there are three web application in place of windows in point 2, will there be any change in functioning.

View 1 Replies

C# - Application Running Under A Less Privileged Account Start A Process Executing Another Application Under An Administrative Account?

Mar 9, 2011

I am logged in as the administrator when I installed an application named pdflatex.exe on my server. This application works as a converter from LaTeX input file to Pdf file. I host an Asp.net MVC 3 application running under an Application Pool Identity with Load User Profile = True. The Asp.net MVC 3 code contains a code that executes pdflatex.exe using System.Diagnostic.Process instance as follows:

Process p = new Process();
p.EnableRaisingEvents = true;
p.Exited += new EventHandler(p_Exited);
p.StartInfo.Arguments = "-interaction=nonstopmode " + inputpath;
p.StartInfo.WorkingDirectory = @"c:mydomain.comworking";
p.StartInfo.UseShellExecute = false;
p.StartInfo.FileName = "pdflatex.exe";
p.Start();
p.WaitForExit();

From the scenario above, the web application runs under a restricted acount but it executes an external application under a default account that I don't know. Can an application running under a less privileged account start a process executing another application under an administrative account?

View 2 Replies

Performance - What Logging Listener Should Be Used In Production ( Logging Application Block)

Sep 10, 2010

I'm using MS Enterprise Logging Application Block in an ASP.NET website.

For production launch, I will set up a log listener in one of these locations:

Sql Server database
Windows event log
Text files

Which has the least impact on performance?

NB - I can't switch to Log4Net or ELMAH at this point, so don't suggest that in your response.

View 3 Replies

Web Forms :: How To Prevent Multiple User Logins Of Same User ID

Jun 16, 2015

How to prevent multiple user to be logged in at a time using a user id ?

After login in to website, the same user id not login in any other system it gives alert msg User Alrdy Login.. and also i have another query If user do not click logout and directly close browser..

View 1 Replies

How To Display Infomation Onto The Application About The User Account

Mar 16, 2010

I have a website that has a login (Like most websites xD) This then obviosly fetches information from a database and loads it on the page. (EG. Welcome "Display Name")

I have designed and coded a application for my site you can use the features from my web on your desktop, I have added a login (required to use the application) and a register. Both login and register work (Fetching information from the database and writing to the database).

Now I have those out of the way I'm now onto the main part of my program which is to display infomation onto the application about the user account. This could include editing the user account, uploading content to the website or viewing content from the website.. (Sorry but I'd like to explain how I have certain things to get the point across clearly )

Anyway how would I create a sort of session? Like PHP, once you login you can grab information from the database based on the information submitted from the login which was fetched from the database.. When the user presses login on my application it brings them to the main part of the application but I'm now unsure how to load variables and/or session data.

(Side note, I have also sha encryption on my website in the register/login, at the moment VB reads the information from the textbox as normal text is there anyway I can get it to read the sha encryption? and also insert data into the database with this encryption?) - This question is optional.

View 7 Replies

How To Prevent Multiple Login For Same User

Jun 19, 2010

I want to prevent multiple user login for same user in asp.net.. How can I achieve. Note: I want to control without database concepts

View 2 Replies

C# - How To Prevent Multiple Logins Of Same User Id

Apr 8, 2010

how to prevent multiple user to be logged in at a time using a user id ?

I searched the internet and found some ways but somehow they do not work in these situations:

If javascript in brower is turned off.

If user do not click logout and directly close brower.

View 4 Replies

MVC :: Multiple Domains In Single Application

Aug 25, 2010

I want to use my asp.net mvc application with multiple domains (maybe of hundreds),

so I have created custom Route class that matches requests including domain.

Each domain could has different routes, so the number of routes in RouteTable can be huge

(eg 500 domains, each 20 routes = 10000 routes in RouteTable).

I am considering how it will be efficient?

I have an idea to replace RouteTable.Routes (of type RouteCollection)

with custom one (of type Dictionary<string, RouteCollection>).

But how I can override default route matching mechanism with my custom mechanism which will be two step:

1) retrieve RouteCollection from dictionary based on domain name

2) retrieve specyfic Route object (standard route matching mechanism)

How can I do this?

View 4 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved