How to prevent multiple login from single user name? I am saving username and password in database. I want the user to login from 1 place at a time only.
For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/?LinkId=169433
Below is a code which I have tried
Config File
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
<httpModules>
<add name="SingleSessionEnforcement" type="SingleSessionEnforcement" />
</httpModules>
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="false" >
<add name="SingleSessionEnforcement" type="SingleSessionEnforcement" />
</modules>
</system.webServer>
</configuration>
Class File
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
namespace Demo1
{
public class SingleSessionEnforcement : IHttpModule
{
public SingleSessionEnforcement()
{
// No construction needed
}
private void OnPostAuthenticate(Object sender, EventArgs e)
{
Guid sessionToken;
HttpApplication httpApplication = (HttpApplication)sender;
HttpContext httpContext = httpApplication.Context;
// Check user's session token
if (httpContext.User.Identity.IsAuthenticated)
{
FormsAuthenticationTicket authenticationTicket =
((FormsIdentity)httpContext.User.Identity).Ticket;
if (authenticationTicket.UserData != "")
{
sessionToken = new Guid(authenticationTicket.UserData);
}
else
{
// No authentication ticket found so logout this user
// Should never hit this code
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
return;
}
MembershipUser currentUser = Membership.GetUser(authenticationTicket.Name);
// May want to add a conditional here so we only check
// if the user needs to be checked. For instance, your business
// rules for the application may state that users in the Admin
// role are allowed to have multiple sessions
Guid storedToken = new Guid(currentUser.Comment);
if (sessionToken != storedToken)
{
// Stored session does not match one in authentication
// ticket so logout the user
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
}
}
}
public void Dispose()
{
// Nothing to dispose
}
public void Init(HttpApplication context)
{
context.PostAuthenticateRequest += new EventHandler(OnPostAuthenticate);
}
}
}
ASPX.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
namespace Demo1
{
public partial class login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
//TextBox userNameTextBox = (TextBox)LoginUser.FindControl("UserName");
SingleSessionPreparation.CreateAndStoreSessionToken(userNameTextBox.Text);
}
}
}
ASPX
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="login.aspx.cs" Inherits="Demo1.login" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
Name: <asp:TextBox ID="userNameTextBox" runat="server"></asp:TextBox><br/>
Password: <asp:TextBox ID="PasswordTextBox" runat="server"></asp:TextBox><br/>
<asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" />
</div>
</form>
</body>
</html>
It is giving this error:
Could not load type 'SingleSessionEnforcement'.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.Exception Details: System.Web.HttpException: Could not load type 'SingleSessionEnforcement'.
Please refere the attached image of the error:
Please guide me to solve the issue.
The type attribute needs to include the namespace: