August 15, 2006 at 10:08 am
Hi,
We were wondering if there was a quick way on the server side to detect and message back to the user if he/she tries to login in on more than one work station. Currently, on logining in the user and workstation are verified in the database to allow access to our application. The issue is that the user can login into many workstations due to that each workstation is not assigned to one user. We want to either message back to the user that they are currently logged into another workstation and/or terminates the last login session on a different workstation and allows the user to login.
August 16, 2006 at 2:41 am
Make use of the SYSPROCESSES table.
select * from master..sysprocesses
N 56°04'39.16"
E 12°55'05.25"
August 16, 2006 at 8:56 am
You don't want to give the client application access to master. It would be better to have a user table in your application and set a flag for that user when they start the application and clear it when they exit. When they start the application, check the flag to see they are not logged on before you set it.
August 16, 2006 at 10:07 am
Right, we currently use a user table... plus from the application stand point, the connection to the Database is through the SA account. We are figuring now that it might be too much of a hassle for the user if we lock their account saying that it is currently opened on a different machine say 1/2 a mile away.
Thanks
August 16, 2006 at 11:27 am
Have you (or anyone in your group for that matter) ever read anything on basic security principals!!!! Why in the world would anyone ever under any circumstance use the SA account for access to your SQL Server in an application!?! By allowing the application to access the Server via the SA account you have basically just opened yourself up to a myriad of problems and security risks. It sounds like you have more problems to worry about than locking someone one out from accessing the system twice.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply