Click here to Skip to main content
Click here to Skip to main content

Tagged as

Go to top

Prevent Simultaneous Logins by a Single User ID in ASP.NET

, 12 Jul 2011
Rate this:
Please Sign up or sign in to vote.
Using this code block, you can prevent simultaneous logins by a single User ID.

Using this code block, you can prevent simultaneous logins by a single User ID.

In order to use this code, you need to have your customized session based authentication method, which means that in your login method, you need to fetch the user from your storage (database, XML ...) and create a user object and put it in the Session. After that, the following code block should be used:

Hashtable sessions = (Hashtable)Application["WEB_SESSIONS_OBJECT"];
//"sessionsthis will be a pointer to all

Your login method will look like this:

void yourLoginMethod(string userID, string password)
{
    //put your login logic here and put the logged in user object in the session.

    //getting the sessions objects from the Application
    Hashtable sessions = (Hashtable)Application["WEB_SESSIONS_OBJECT"];
    if (sessions == null)
    {
        sessions = new Hashtable();
    }
 
    //getting the pointer to the Session of the current logged in user
    HttpSessionState existingUserSession = 
         (HttpSessionState)sessions[userID]; if (existingUserSession != null)
    {
        existingUserSession[WebKeys.USEROBJECT] = null;
        //logout current logged in user
    }
 
    //putting the user in the session
    Session[WebKeys.USEROBJECT] = user;
    sessions[user.UserName] = Session;
    Application.Lock(); //lock to prevent duplicate objects
    Application["WEB_SESSIONS_OBJECT"] = sessions;
    Application.UnLock();
}

Your logout method will look like this:

void yourLogoutMethod(string userID)
{
    //put your logout logic here, remove the user object from the session.
    Hashtable sessions = (Hashtable)Application["WEB_SESSIONS_OBJECT"];
    if (sessions == null)
    {
        sessions = new Hashtable();
    }
 
    Session.Abandon();
    sessions.Remove(userID);
 
    Application.Lock();
    Application["WEB_SESSIONS_OBJECT"] = sessions;
    Application.UnLock();
}

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Bahram Ettehadieh
Web Developer
Iran (Islamic Republic Of) Iran (Islamic Republic Of)
I hold a BS degree in software engineering and am a Microsoft Certified Solution Developer(MCSD).
I have more than 8 years of experience in .NET developement, mostly web develop using C# and ASP.NET.

Comments and Discussions

 
QuestionWebKeys.USEROBJECT Pinmemberthisisiprasadn16-Jul-12 1:45 
Generalwebsites like yahoo, gmail... sign out the first user when t... PinmemberBahram Ettehadieh28-Nov-11 20:58 
websites like yahoo, gmail... sign out the first user when the second user logs in with same user name, I also have done that in the login method, also the user will be automatically signed out when the session expires
GeneralWhat happends when someone not clicking on signout buttton. ... PinmemberRamYadav_RY29-Jul-11 2:58 
GeneralWe did something similar at my last company to prevent shari... PinmemberMatthew A Jones21-Jul-11 3:52 
GeneralRe: I did something similar for our company's web app, any login... PinmemberdimensionJumper12-Oct-11 6:19 
GeneralThis method doesn't prevent multiple windows in the same bro... PinmemberAndyHo18-Jul-11 13:17 
GeneralRe: I'm not sure that's possible, at least using server side cod... PinmemberBahram Ettehadieh19-Jul-11 19:36 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140916.1 | Last Updated 12 Jul 2011
Article Copyright 2011 by Bahram Ettehadieh
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid