avoid multiple simultaneous login using asp

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • AnuSumesh
    New Member
    • Aug 2007
    • 96
    #1

    avoid multiple simultaneous login using asp

    Hi All,

    I want to avoid multiple simultaneous login to the site.
    The way it should work is If a person has logged in to the site from one machine and he is logging in to the portal from the other machine without logging off the previous session, it should disconnect the previous session and open the new session (similar to yahoo messenger.)

    I am able to find out the session details of first session (session id etc.) but i dont know how to log off from previous session?

    Can Anyone help me?

    Thanks a Lot.

    Regards,
    Anu
    Tags: None
    • Nicodemas
      Recognized Expert New Member
      • Nov 2007
      • 164
      #2
      Oof, I tried doing this once strictly with session GUIDs, but I gave up. What I ended up with is this:

      What I think has to happen is, you store the user's session GUID in your user database table each time he/she logs in.

      Each time your system checks if a user is logged in, your script compares the GUID to the one in the database. If they do not match, user's session is terminated, which effectively logs him out.

        Comment

        • AnuSumesh
          New Member
          • Aug 2007
          • 96
          #3
          Hi Nicodemas,

          First of all Thanks for reply.

          Actually i am using XML file.
          And currently what i m doing is : if user is logged in one machine and he is trying to log in second machine then he is not allowed to log in on 2nd machine.
          But i want that he should be logged off from first machine 'n' should be logged in 2nd machine.
          But in ASP, i did not find any way to kill another session.

          Regards,
          Anu Garg

            Comment

            • Nicodemas
              Recognized Expert New Member
              • Nov 2007
              • 164
              #4
              The same concept still applies.

              When a user logs in, a new, unique value is stored in your XML file (like a GUID) and in a session variable.

              Each page that checks if the user is logged in compares the session variable to the new, unique value. If it does not match, then the script checking if the user is logged in should fail, clear out any session variables, and redirect the user to the login page.

                Comment

                • AnuSumesh
                  New Member
                  • Aug 2007
                  • 96
                  #5
                  Originally posted by Nicodemas
                  The same concept still applies.

                  When a user logs in, a new, unique value is stored in your XML file (like a GUID) and in a session variable.

                  Each page that checks if the user is logged in compares the session variable to the new, unique value. If it does not match, then the script checking if the user is logged in should fail, clear out any session variables, and redirect the user to the login page.
                  Hi,

                  Thanks for reply.
                  I have done it. I m using following code when new Session Id does not match with old Session Id:

                  set xmlhttp = server.Createob ject("WinHttp.W inHttpRequest.5 .1")
                  xmlhttp.Open "GET",url
                  xmlhttp.Option( 4) = 13056
                  xmlhttp.setRequ estHeader "Cookie", cookie
                  xmlhttp.send

                  where url ------- is url of page for my log off page
                  cookie ---- is session id of first session that i want to log off

                  It is working fine.

                  Regards,
                  Anu Garg

                    Comment

                    Previous template Next
                    Working...