如何解决asp.net，vb.net中的会话问题? [英] How to tackle the session problem in asp.net,vb.net ?

问题描述

我对存储用户状态有疑问.

满足以下要求:

当授权用户登录系统时，除了当前使用的权限外，不允许他/她从另一台计算机或其他浏览器中登录.-

我们在这里应用的补救措施为:我们将mst_vendor中的"Is_Loggedin"保留为数据类型为"bit"的列作为表名.当用户登录时，我们将标志Is_Loggedin设置为"1"，并且每次有人尝试使用该帐户登录时，系统都会显示错误用户已登录".

当他注销时，一旦单击注销"按钮，注销过程即会变为"0".


问题场景:

1.当用户关闭浏览器时，标记保持不变，即"1"

2.电源关闭时，与"1"相同

3.如果会话超时在预定义值之后，则保持不变.

4.除此之外，可能还有其他场景.

有什么办法可以使用应用程序对象为用户的登录状态存储此内部标记.

它可以提高系统效率，并且可以消除上述有问题的情况.

I have a question regarding storing the status of user.

The following requirement are there:

When authorized user logs into the system.he/she is not allowed to login from another computer or in different browser other than he is using right this time.-

Remedy we applied here as : We have kept " Is_Loggedin" as a column with data type "bit" in a mst_vendor as a table name. when a user logs in we set the flag to Is_Loggedin as "1" and each time when someone tries to log in using this account,the system is showing the error "The user is already logged in"

When he logs out it turns to "0" as logout procedure calls as soon as he clicks log out button.


Problem scenario:

1.When user closes the browser the flag remains the same i.e "1"

2.When power gets off,It remains the same as "1"

3.If session timeouts after a predefined value it remains the same.

4.There may be different scenarios other than this.

Is there any way so that we can store this internal flagging for user''s login status using application object.

It may improve efficiency of the system and also eliminates the above problematic scenarios.

推荐答案

我想每个人都首先尝试这种方法，并且您已经注意到，它不起作用非常好，尤其是当用户未正确注销时.您需要的是不依赖于此的解决方案.

试试这个:

(1)不要只保留一个布尔标志来查看用户是否已登录.
使用DateTime来保存用户上一次活动的时间.这意味着无论何时加载页面或发生回发，都必须更新此值.

(2)注销时，此值将重置为过去的日期(DateTime.MinValue?).这使用户可以立即再次登录.

(3)登录时有两种情况，具体取决于会话超时设置的时间.如果用户的上一次活动的时间比超时值短，那么我们认为他仍然有会话，并且登录将被拒绝.如果上一次活动较早，则登录将照常进行.

这将具有一个小缺点:如果用户未正确注销，则他将不得不等待，直到确定可能的会话超时，直到允许他再次登录为止.

I guess everybody tries this at first and, as you have noticed, it does not work very well, especially when the user does not log out properly. What you need is a solution that does not rely on this.

Try this:

(1) Don''t just keep a boolean flag to see if a user is logged in or not.
Use a DateTime to hold the time of the User''s last activity. This means that this value must be updated whenever a page is loaded or postback occurs.

(2) While logging out, this value is reset to a date in the past (DateTime.MinValue ?). This allows the user to log in again immediately.

(3) While logging in you have two cases, depending on the time set for the session to time out. If the user''s last activity lies back a shorter time than the timeout value, then we assume he still has a session and login will be denied. If the last activity is older, then login will proceed as usual.

This will work with one little drawback: If the user does not log out properly, he will have to wait until it is certain that a possible session times out until he will be allowed to log in again.

这篇关于如何解决asp.net，vb.net中的会话问题?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！