Kevin,
add a boolean field to your user table called "loggedin" ...when you query
the table to authenticate check the value of this field...if 0...user can
log in...otherwise "sorry you are already logged in"...be sure to trip this
field to 1...whenever the user logs in.
Brad Tumy
-----Original Message-----
From: Kevin Gilchrist [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 04, 2001 10:28 AM
To: CF-Talk
Subject: Concurrent users and client certificates
Hi all,
I need to meet a business requirement where the same user cannot be logged
in concurrently, i.e. if I log in a kgilchrist from one machine, I can't log
in again from another machine until at least the first session ends.
At the moment users are given a client certificate which I authenticate
against a database and I then set a few session variables to mark them as
authenticated etc. The session vars are disassociated when the browser
closes loses the temp cookie.
As part of the authentication process, do I need to somehow search through
all the other sets of session variables? How would I do that?
>From reading some of the threads on the list it seems that using session
variables isn't necessarily a good thing either. Need to do some
reading....
Thanks,
Kevin
Kevin Gilchrist
Senior Consultant
RedSiren Technologies Inc.
(412) 281 4427 ext 466
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
