DevForce Community Forum : How To: LoginManager enable single session per login

How To: LoginManager enable single session per login : I've seen that before...

Thu, 23 Feb 2012 09:38:27 -700

Author: katit
Subject: 3277
Posted: 23-Feb-2012 at 9:38am

I've seen that before and I think one of the best ways to handle this stuff (I'm about to do it myself) it to keep some kind of token on a server and remove it when same user logs in. That will kick out previous user - this can be done with push notifications to OTHER users.

It will work like so:

Person1 logs in as "User1" and writes tag "Person1:User1"

Person 2 comes along and logs in as "User1" - while logging in - it will detect that Person1:User1 already logged in and will kick him out by sending push notification. Person1 in fact may be out already, but if not - he will get notification that someone with same login just connected and he is being pushed out.

This kind of stuff will be obvious for users and they will buy licenses if that is a main point :)

How To: LoginManager enable single session per login : OK. Well, you can hook into the...

Tue, 21 Feb 2012 13:18:16 -700

Author: kimj
Subject: 3277
Posted: 21-Feb-2012 at 1:18pm

OK. Well, you can hook into the window OnBeforeUnload event and call Logout there. Unfortunately, it's not really clear whether requests to the server will always make it through. A timer would help, but then you'll also need to track user activity so that you know when a session has gone stale.

Here's some info on hooking into the window unload: http://mark.mymonster.nl/2009/02/28/integration-of-browsers-unloading-with-silverlight/

How To: LoginManager enable single session per login : If we talk Silverlight - I...

Tue, 21 Feb 2012 13:07:19 -700

Author: katit
Subject: 3277
Posted: 21-Feb-2012 at 1:07pm

If we talk Silverlight - I don't think users will ever "logout". They will close browser most likely.

How To: LoginManager enable single session per login : Hi Chris, DevForce itself doesn't...

Tue, 21 Feb 2012 12:36:39 -700

Author: kimj
Subject: 3277
Posted: 21-Feb-2012 at 12:36pm

Hi Chris,

DevForce itself doesn't provide this, but you should be able to do what you need within your custom IEntityLoginManager. An instance of your login manager is constructed by an EntityServer when it starts, so you can keep your own state for the lifetime of the EntityServer. Since a login manager implements both Login and Logout methods you can add and remove the user from your own list or dictionary, and check this to restrict access. The only real way to fail a login is to throw a LoginException (or a custom sub-type of it), but what you throw in your login manager will flow back to your client application.

How To: LoginManager enable single session per login : Hi, Please can you advise on...

Tue, 21 Feb 2012 07:02:22 -700

Author: Chrizy
Subject: 3277
Posted: 21-Feb-2012 at 7:02am

Hi,

Please can you advise on how best to solve the following requirement?

I have created a custom LoginManager which is validating theusers credentials against my database, I need to restrict access to only onesession per user (Users are paying on a per user license). The way I think thisshould work is ideally to warn the user they are already logged in, offer acontinue/exit option and if they continue logout the initial instance.

Thanks

Chris