There is an option into home - system tools - user session to lock any login and allow only one login, but this means only 1 users, whatever is the login. There is no feature to limit according to place. Such a feature is very dangerous, this is the reason: 1) If you use the ip to detect the place, when user (or server) use a proxy (or reverse proxy), the ip viewed by dolibarr may change making dolibarr usage broken. 2) If you use a cookie, information is store on local computer so ne way to server to know there is already a session. 3) If you use a timeout+login, this will works except when user close by error its browser. No way to connect again until timeout is finished. So the only solution is to share information of already logged users into a centralized area like a common file or a memory shared area. But what happen if user is disconnected for example when browser is closed by error. He can't connect again. So workaround is to share both the login already loggued with its ip to filter only if couple is same, but you will be faced to problem number 1 again. If you use a timeout to avoid using ip, you will be faced problem 3.
By default HTTP protocol is a stateless protocol, so it is not easy to use this protocol to add a feature that need a global statefull protocol. And PHP does provide statefull solution (the session) but only per browser, not global statefull solution. To have something efficient, without all problems, you will probably have to use an id specific to browser and use : - centralized storing (time, id specific to computer that is not ip, login) - cookie - javascript to define the computer id that is sent during login (but which one ?) Le 30/11/2012 21:23, Florian Henry a écrit : > Hello Dolibarr developpers, > > After a short check into dolibarr code, I didn't found the answer > so I ask to the community. > > I wonder if it possible to restrict dolibarr to one connection per > login, with some hidden global variables ? > I explain, I want to be sure that only one login like admin, can > be logged in at a time. I don't want the same login been use by > different users from different computers at the same time. > > ------------------------------------------------- > > Bonjour a tous, > > Aprés une courte vérification, sans sucées, je me demandais si > vous connaissiez une variable globale a paramétré pour éviter que > plusieurs personnes se connexte a Dolibarr avec le même login de > différent ordinateur en même temps ? > Le premier est connecter et les suivants se voie rejeter l'accés, > tant que le premier ne s'est pas déconnecter (ou que se session a expiré) > > Cdt. > -- Eldy (Laurent Destailleur). EMail: [email protected] Web: http://www.destailleur.fr Dolibarr (Project leader): http://www.dolibarr.org To make a donation for Dolibarr project via Paypal: [email protected] AWStats (Author) : http://awstats.sourceforge.net To make a donation for AWStats project via Paypal: [email protected] AWBot (Author) : http://awbot.sourceforge.net CVSChangeLogBuilder (Author) : http://cvschangelogb.sourceforge.net _______________________________________________ Dolibarr-dev mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/dolibarr-dev
