Re: Prevent multiple login

From: Sandy Thrasher <sandra.thrasher_at_MCI2000.com>
Date: 1998/01/14
Message-ID: <xL0v.3951$412.839242_at_news.internetMCI.com>#1/1

[Quoted] You can do this at the application by recording current users in a table and [Quoted] modifying your app to check that table during login - this means an entry is [Quoted] made in the CUR_USER table during login and deleted before logoff. At login, If the user is already in the table, then don't allow login. For this approach you've got to consider that the user may have aborted his session without loggin in gracefully. How you can handle this is to also record a PC# in the CUR_USER table and assume that if a USER is trying to login at PC#12 and he's logging in from PC#12, then he has logged out ungracefully and you should allow him to login.

This does not prevent connections by that user from SQL*PLUS or some other app.

What we've done is to only allow SELECT by our users in SQL*PLUS so if he logs in there, it's of no consequence.

We've also separated our app login id and password from the DB login and password. The user only knows his APP ID and password. This way the normal [Quoted] user wouldn't know how to login anyway.

Sandy Received on Wed Jan 14 1998 - 00:00:00 CET

This message: [ Message body ]
Next message: Bert Scalzo: "Re: Prevent multiple login"
Previous message: David Slonosky: "Oracle Database Designer"
In reply to: Tapan Das: "Prevent multiple login"
Next in thread: Bert Scalzo: "Re: Prevent multiple login"
Reply: Bert Scalzo: "Re: Prevent multiple login"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message