Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Preventing Multiple Logins using UsersOnline data?Preventing Multiple Logins using UsersOnline data?
Previous
 
Next
New Post
7/7/2010 12:04 PM
 
Lindsay Miles

Joined: 5/23/2003
Posts: 236
Thought I'd repost this as I replied to an old thread too...

Considering the UsersOnline module.

Looking at the table in the db, it keeps a record of all users online by UserID.
I have not looked at the code as yet so...

Questions:
How does that module track the users logging off? What about simply closing the browser without logging off?

Suggestion(s):
Now, what if an amendment is made to the DNN login (core team?) to check if the UsersOnline module is installed and in use?
What about providing a flag to set in login requirements for the Admin or Host to choose to check UsersOnline? Like requiring CAPTCHA or not...

Therefore, for those who want it, if configured, when a user logs in, if in UsersOnline table, block that login, display msg...

I'm guessing that the UsersOnline table is periodically cleared of "orphaned" records if users have just closed the browser without logoff.
 
New Post
7/7/2010 12:15 PM
 
Sebastian Leupold


Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

www.dnnwerk.de
Joined: 3/8/2004
Posts: 46212
Core table OnlineUsers does not track any logoffs. it tracks page calls and clears the status, if last page call has passed for some time (e.g. 20 + 0 to 10 minutes) if you want to use this information for preventing doouble logins, uses might need to wait up to half an hour, until they can login again.
Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
New Post
7/7/2010 12:36 PM
 
Lindsay Miles

Joined: 5/23/2003
Posts: 236
Sebastian,

I understand the implications. Running a subscription-based service really needs this kind of protection not to mention users' exposing their data to others IF their credentials have been compromised.

If preventing 100 people from using the same login with the user(s) having to wait 20-30 mins to login, sobeit.
Every 1 user sharing their login with others, subscription sites loose $$. 100 x $fee for every login compromised/shared can be a lot of lost revenue!

It would be nice IF, as I suggested, the UsersOnline module is in use, the Admin/Host can choose to "check for duplicate logins"  under "User Account Settings".

That way we have a choice, it would be IN the core, no special login module needed and we can keep using using registration/subscription module(s) that make use of the core framework/data.

The ensuing support nightmare (if/when that happens) is up to us to deal with!

BUT, it would be great to see this as a core piece of funstionality!
 
New Post
7/7/2010 1:02 PM
 
Sebastian Leupold


Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

www.dnnwerk.de
Joined: 3/8/2004
Posts: 46212
LIndsay, I understand your needs, but this is currently not supported by the core framework, AFAIK there is still an issue, that logouts are not persisted in onlineUsers table and IMHO 20 minutes logout are too long for a paid subscription service. If you need a more reliable information, you should provide your own mechanism, e.g. a client script in your skin, which calls the server every few seconds with a hashed userid, indicating that this user is still online. PS: the usersOnline module is just displaying information from core tables, it doesn't log information itself. 
Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
New Post
7/7/2010 1:32 PM
 
Lindsay Miles

Joined: 5/23/2003
Posts: 236
Well, consider this:

Many companies/people have intentions, wanted to, or do implement subscription services.
Access to priviledged info, functionality and services = $$.

Specific user-groups and people therein are connected. They share info/data etc.
If 1 person buys access, what is to stop that person sharing amongs the group/community? Revenue LOST!

From a business perspective, DNN should REALLY consider putting this limited-login IN as an OPTION, then let the companies using DNN, decide whether or not to deal with the support issues surrounding this. I know it adds to support issues, but the now-protected revenue (for want of a better expression) would negate that!

Having the UsersOnline module already there is a start! I don't think it that much of a leap to extend to incorporate limited-login.

Having the choice is better than not having that at all.
 
 Page 1 of 1
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Preventing Multiple Logins using UsersOnline data?Preventing Multiple Logins using UsersOnline data?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out