session-state

How to prevent user to login from multiple location or from different browser in same pc

♀尐吖头ヾ 提交于 2019-12-09 20:31:58
问题 I am creating an application where users cannot attempt multiple logins . If a particular user logs in, my database flag value becomes set to 1 that means no other member who has the same username and password can login. If a user signs out my database flag value is set to 0 . That's all working fine but now I have one different problem that is when a user suddenly closes the browser without logout page or session is timeout then automatically the database flag value should be set to 0 . Now

ASP.NET and Sessions - New Browser Instance versus New Browser Window

寵の児 提交于 2019-12-09 18:16:47
问题 I'm hoping someone can clarify this behavior for me, and explain how ASP.NET is deciding when to treat something like a new Session. A) In Internet Explorer I load the ASP.NET site in question. It starts a new Session. B) If I go to menu File - New Window... it stays within the same Session. C) If I launch a new instance of Internet Explorer and load the same page it starts a new Session. I'm confused by step C. I'm expecting it to be the same session based on my remote IP. What is IIS / ASP

MVC SessionStateAttribute not working as Global Attribute

会有一股神秘感。 提交于 2019-12-09 18:01:05
问题 How do you setup SessionStateAttribute as a global filter in MVC3? In my Global.asax I have this in the RegisterGlobalFilters method. filters.Add(new SessionStateAttribute(SessionStateBehavior.Disabled)); And in my home controller I have this. public class HomeController : Controller { public ActionResult Index() { ViewBag.Message = "Welcome to ASP.NET MVC!"; Session["Blend"] = "Will it blend?"; return View(); } public ActionResult About() { return View(); } } But for some reason it still

what's differences between “forms timeout”, “membership userIsOnlineTimeWindow” and “sessionState timeout”

泪湿孤枕 提交于 2019-12-09 09:25:24
问题 What is the difference between these lines of code: <forms timeout="5" /> <membership userIsOnlineTimeWindow="5" /> <sessionState timeout="5" /> Thanks a lot. 回答1: Forms (FormsAuthention) are used for authentication and when it times out it will logout user. You can 'prevent' timeout by setting SlidingExpiration property to 'true' and it will renew forms ticket on user activity (read request to asp) if needed. This will keep user logged on while he is 'active' on your site. Membership is used

Session.Clear() vs. Session.RemoveAll()

我只是一个虾纸丫 提交于 2019-12-09 07:26:33
问题 Is there a difference between Session.Clear() and Session.RemoveAll() ? The descriptions and documentation pages seem to say exactly the same thing, but I am assuming there must be some reason for creating two functions, am I right? 回答1: To be save you can always just call them all like so.... Session.Clear() Session.Abandon() Session.RemoveAll() VB.NET example, I am sure all you need to do is place the ; at the end of each of them. This did the trick for me as I had some problems with my

Use Session ID from supplied parameter instead of default behavior in ASP.NET MVC3

元气小坏坏 提交于 2019-12-08 14:03:28
I am writing a simple proof-of-concept web service using ASP.NET MVC3 controller with JSON input/output. I want to allow a login based on a DB table and to return an API key and a session ID . With subsequent requests to other APIs I require passing both API key and a session ID. How can I set up my MVC3 project so that neither cookie nor cookieless session is being used. I want the session ID from JSON request to be used instead and still have the convenience of a Controller.Session . Is this possible? I don't want to reinvent the wheel with my own session handling. YOu can use the

ASP.NET session vs session state and cookies vs cookie less

走远了吗. 提交于 2019-12-08 12:53:09
问题 Please help me whether my understanding is right. ASP.NET sessions are stored on the web server and no cookies whatsoever are used for this. ASP.NET if configured to use session with webconfig->session state: then we can configure it as either stateconnection or as sqlconnection. ASP.NET if configured to use session state (either as stateconnection or as sqlconnection) then when user uses sessions in code then the cookies on client machine are used unless you specify in webconfig that

Execute code on every request in ASP.NET MVC

回眸只為那壹抹淺笑 提交于 2019-12-08 10:56:01
问题 I have a controller that all my controllers inherit from and I need to execute some code for every controller request. I tried the following: protected override void Execute(System.Web.Routing.RequestContext requestContext) { if (Session["mallDetected"] == null) { Session["mallDetected"] = DateTime.Now.Ticks; IList<Mall> malls = Mall.FindNearestByIp(Request.UserHostAddress); if (malls.Count > 0) { Session["mall"] = malls[0]; } } base.Execute(requestContext); } But apparently session state isn

IdentityServer SSO - Trusted application

南笙酒味 提交于 2019-12-08 06:24:38
问题 I need to SSO (single sign on) a user coming from an application of mine (identity provider using ASPNET Session State) and redirect them to another application of mine (service provider) that is configured to use implicit flow with IdentityServer4. I need to achieve this without requiring the user to log back in and without providing the user's password. My initial thought was that I could use a client secret for the identity provider to redirect the user to the IdentityServer4

How do I get Unity to inject a reference to HttpSessionState to a service

我只是一个虾纸丫 提交于 2019-12-08 05:57:34
问题 Disclaimer: I have a fair bit of experience with DI containers but am quite new to Unity. I have an MVC project that is all wired up with Unity DI using constructor injection and works great. But I now have a service that I want to inject into my controllers (and maybe places other than controllers at some point) and this service needs access to ASP.NET session state. The service's purpose is to manage a list in session and I don't want the list mechanics in my controller. I realize I could
订阅 session-state