----------------------------------------------------------- New Message on BDOTNET
----------------------------------------------------------- From: SitaramanM Message 6 in Discussion Hi Normally the method followed and the ones specified by others in the post is that In the Session OnStart maintain a flag On each Request Authentication check for that flag and allow access On the login using same id by other user check the flag and allow disallow login as per the requirement Catch is that when will the loggedonflag be set to false!!!!!! Session OnEnd looks like the likely option. Right!!!! but there is a catch here. The session onend event is HIGHLY unreliable, more so if yuou want a scalable application. In your application currently you might be using InProcess State Management and everything might be hunky-dory. But if you later plan to move to out of proces statemanagement(StateServer/SQLServer then your flag checking loic will go for a toss, coz there is a problem in the Session=OnEnd getting fired in StateSefrver/SQLServer based storage The big problem, it turns out, is that with StateServer and SQL Server Sessions, the Session_End event in Global is never fired. Only InProc mode fires this. So in order to avoid user coming after you with hatchets and knives, you would need to come up with some sort of reliable surrogate for the Session_End event Check out the "Preventing Multiple Logins in ASP.NET" url "http://www.eggheadcafe.com/articles/20030418.asp"; AND Prevent Multiple Logins Using the Cache in ASP.NET url "http://www.eggheadcafe.com/articles/20030416.asp";. That should help u out... regards, sr ----------------------------------------------------------- To stop getting this e-mail, or change how often it arrives, go to your E-mail Settings. http://groups.msn.com/BDotNet/_emailsettings.msnw Need help? If you've forgotten your password, please go to Passport Member Services. http://groups.msn.com/_passportredir.msnw?ppmprop=help For other questions or feedback, go to our Contact Us page. http://groups.msn.com/contact If you do not want to receive future e-mail from this MSN group, or if you received this message by mistake, please click the "Remove" link below. On the pre-addressed e-mail message that opens, simply click "Send". Your e-mail address will be deleted from this group's mailing list. mailto:[EMAIL PROTECTED]
