were
normal users. And how many people were just looking at the page but not
logged in.
Look into coldfusion.runtime.SessionTracker
_
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 14, 2004 3:32 PM
To: CF-Talk
Subject: How to prevent multiple logins
How would I go about
o: CF-Talk
Subject: Re: How to prevent multiple logins
Not sure I get what you mean by lost accidentally.
Adding an onscreen note to the logged-off individual effectively takes
care of help desk issues.
"You have been logged off because another user has logged on with your
credent
Barney Boisvert wrote:
> Give them a nice message that says someone else logged in with their
> credendials, and they need to do something about it.
I think it all depends on what you want from your app. For some, like
a commercial membership site, that would probably be undesirable.
Others may
Not sure I get what you mean by lost accidentally.
Adding an onscreen note to the logged-off individual effectively takes
care of help desk issues.
"You have been logged off because another user has logged on with your
credentials at another workstation. You may wish to call Security, or
your
There's not reason you have to just kill the first user's session.
Give them a nice message that says someone else logged in with their
credendials, and they need to do something about it.
The 2 browser issue isn't an issue if they're instances of the same
browser, becaue they'll share a session,
wsers open with the same app. That would personally drive me crazy.
John
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Friday, October 15, 2004 12:50 PM
To: CF-Talk
Subject: Re: How to prevent multiple logins
John wrote:
> But if you force off the first login,
I wrote:
>...For that you need a system that can expressly allow unique
>logins...
Oops. I meant 'duplicate logins'
--Matt--
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
John wrote:
> But if you force off the first login, that may not be the same user, but
> it may be a different user using the same login. You can't force
> someone off while they're in the app.
Oh yes you can, and depending on your business rules maybe you should.
If only one user is supposed
I agree with fuzzylizard. You have to make processing decisions and
have mgmt okay it. Let everyone know what may/could/would happen if they
login concurrently. Once users know this, it would meet everyone's
expectations. This pretty much boils down to communication (a lost skill
=) LOL.
[Todays T
At 11:51 AM 10/15/2004, Chris Johnston wrote:
>There is no method, that I know of, that is
>going to work in such a way that it never inconviencences the user
>while at the sametime providing top notch security and preventing
>concurrent logins. It is an either-or situation.
Yes. It's not a techni
On Fri, 15 Oct 2004 11:37:54 -0400, Burns, John D
<[EMAIL PROTECTED]> wrote:
> What about people whose connection changes Ips? The new NMCI setup for
> military bases gives users a pool of Ips that change regularly. Our
> company has 2 external Ips that change as needed, so the guaranteed IP
> co
arooq [mailto:[EMAIL PROTECTED]
Sent: Friday, October 15, 2004 11:33 AM
To: CF-Talk
Subject: Re: How to prevent multiple logins
At login store the users IP . ... and keep checking the IP against the
one stored... on each request..
if it changes... log the current user... out and say.. someone else
It doesn't, apart from via inference as the users realise that if they
share their user account they are likely to be forced off the system
with no notice.
On Fri, 15 Oct 2004 11:11:42 -0400, Scott Stroz <[EMAIL PROTECTED]> wrote:
> But how will that stop someone else from trying to login as one o
arted the
> session...unless they're on the same machine and have a cookie or
> something).
>
> John
>
> -Original Message-
> From: Matt Robertson [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 14, 2004 4:15 PM
> To: CF-Talk
> Subject: Re: How to preven
From: Matt Robertson [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, October 14, 2004 4:42 PM
> > To: CF-Talk
> > Subject: Re: How to prevent multiple logins
> >
> > > I think the biggest decision that the person who asked will have to
> > > make is the bu
n [mailto:[EMAIL PROTECTED]
> Sent: Thursday, October 14, 2004 4:42 PM
> To: CF-Talk
> Subject: Re: How to prevent multiple logins
>
> > I think the biggest decision that the person who asked will have to
> > make is the business logic for when a session that is cu
2004 4:42 PM
To: CF-Talk
Subject: Re: How to prevent multiple logins
> I think the biggest decision that the person who asked will have to
> make is the business logic for when a session that is currently logged
> in is no longer logged in.
The only way that I have seen to do handle t
No it doesn't, because there's no guarentee that the second logon
request will come from the same computer/browser, and therefore use
the same sticky. If I log in from work and my wife tries to log in
from home under my account, chances are 1 in N that we'll hit the same
server, where N is the siz
>The app structure won't work across a cluster.
With sticky sessions it does :)
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
> I think the biggest decision that the person who asked will have to make
> is the business logic for when a session that is currently logged in is
> no longer logged in.
The only way that I have seen to do handle the scenario you are
describing is to force off the first login in favor of the se
On Thu, 14 Oct 2004 16:21:45 -0400, Burns, John D
<[EMAIL PROTECTED]> wrote:
> I think the biggest decision that the person who asked will have to make
> is the business logic for when a session that is currently logged in is
> no longer logged in. For instance:
>
> If User A logs in at 10AM and
rted the
session...unless they're on the same machine and have a cookie or
something).
John
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 14, 2004 4:15 PM
To: CF-Talk
Subject: Re: How to prevent multiple logins
Barney Boisvert wrote:
> Ad
The app structure won't work across a cluster.
cheers,
barneyb
On Thu, 14 Oct 2004 13:15:06 -0700, Matt Robertson
<[EMAIL PROTECTED]> wrote:
> Barney Boisvert wrote:
> > Add a two fields to your user table: isLoggedIn and lastAccessDate.
>
> Or do it in an application structure and save yourself
Barney Boisvert wrote:
> Add a two fields to your user table: isLoggedIn and lastAccessDate.
Or do it in an application structure and save yourself the db
overhead. I use/maintain a 2d array to show a bunch of stuff as part
of a Who's On app. When a user logs in their user ID is planted in
their
On Thu, 14 Oct 2004 12:32:09 -0700, Tim Do <[EMAIL PROTECTED]> wrote:
> How would I go about preventing multiple logins w/ the same username and
> password? I'm currently using client variables for this. I tried checking
> the data field in CDATA but not having any luck. If a user does not log o
Add a two fields to your user table: isLoggedIn and lastAccessDate.
Set the former to true when the user logs in, and update the latter
every request. When you get a login request for the user, only allow
it if isLoggedIn is false OR lastAccessDate is more than your session
timeout in the past (m
How would I go about preventing multiple logins w/ the same username and
password? I'm currently using client variables for this. I tried checking
the data field in CDATA but not having any luck. If a user does not log out
and just closes the window or the session is timed out, there is still a
MAIL PROTECTED]>
Sent: Monday, September 30, 2002 1:55 PM
Subject: How to prevent multiple logins?
> How do I prevent multiple users loggin in a a same time using the same
> account?
>
> I'm using session variables to track auth users.
>
> Thanks.
>
> Thanh
>
>
How do I prevent multiple users loggin in a a same time using the same
account?
I'm using session variables to track auth users.
Thanks.
Thanh
__
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ
29 matches
Mail list logo