Stopping login abuse in a load balance scenario

Hi,

The problem....

We have 2 webservers, behind a Load Balancer.

We have set the website on both boxes to store sessions in SQLServer.

To prevent people sharing the logins, we have utilised the following
article http://www.eggheadcafe.com/articles/20030418.asp (Which stores
logged in users in an Cache set as Sliding expiration)

However, it seems that despite our settings, if two people try to log in,
and they are directed to different servers, they can still login.

We have confirmed this is the case - is it possible for us to prevent this
without resorting to third party software?

re: Stopping login abuse in a load balance scenario

you need to move the login status from a server cache to sqlserver table.

-- bruce (sqlwork.com)


"Paul" <paul@nospamspireite.ndo.co.uk> wrote in message
news:13ltfca27h14j.wfjo6rapn9g2$.dlg@40tude.net...[color=blue]
> Hi,
>
> The problem....
>
> We have 2 webservers, behind a Load Balancer.
>
> We have set the website on both boxes to store sessions in SQLServer.
>
> To prevent people sharing the logins, we have utilised the following
> article http://www.eggheadcafe.com/articles/20030418.asp (Which stores
> logged in users in an Cache set as Sliding expiration)
>
> However, it seems that despite our settings, if two people try to log in,
> and they are directed to different servers, they can still login.
>
> We have confirmed this is the case - is it possible for us to prevent this
> without resorting to third party software?
>
>[/color]