On 4 May 2006 15:52:56 -0700, Paul wrote:
I have an ASP.NET application that I want to limit # of concurrent
logins. Has anyone done similar things before? I was trying to
increment a counter in the application and decrement the counter in
"Session_End". However, the "Session_End" will only work for InProc
session. So, is there any other approach?
Because the web is asynchronous and stateless, there is no real way to
guarantee whether someone is just idle for a while, or they've closed their
browser. This means that if a user closes their browser accidentally (or
it crashes) and they try to log back in, you will deny them until some
specified timeout happens. Probably not what you had in mind.
One approach is to check whether another session has been started for that
user, and if it has, the dump the current user with an error message. That
may not be ideal, though.