1

I want to limit concurrent access to internet or intranet web applications.

I want to be able to allow certain number of concurrent access, let's say I want to allow maximum 20 concurrent access using the same username.

I can imagine creating a session at the login time and save it into DB with incrementing a counter, but there is no way to delete it from the DB and decrement the counter if user is logged off, as user may just close the browser.

Guys, what is the best way from your opinion?

Thanks,

Improve this question
2
  • you can call the decrement functions while logging out. i suggest you to use SqlState Server for this project Commented May 10, 2012 at 9:09
  • Slightly OT but are you really solving the right problem? Only 20 users sounds like you are limited by some business service running back end, not due to Your server. Does your solution really need this business server all the time or can you fix the limit to just where it is needed? Commented May 10, 2012 at 9:10

2 Answers 2

Reset to default
1

You are right in that you cannot know if a user just kills his browser or pulls the cord.

Create a timer that does an Ajax call every 30 seconds and log it. If a user isn't in this log for 60 seconds - throw'em out at the server.
This won't stop someone from leaving their browser open over the night and hogging a slot though.

There is another answer mentioning an "last active" field. This on the other hand messes up when someone needs to leave their browser open to look at something for more than the timeout limit of minutes.

If someone is thrown out due to the user/timeout limit; I think it would be nice to have them automagically logged in again totally transparently if there is a slot open again.

Without thinking too hard about it I believe this solution will give birth to other problems.

Edited away:
As I commented - 20 users - are you really solving the right problem?

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

The web application I have can server thousands of users at the same time. Therefore, it is a bit expensive for small companies, so, I want to price it per access to help smaller companies. So, this number is not fixed and vary from customer to another. Please note, most of the customers have different urls to serve their need
0

You may wish to have a "lastactive" field on your session. When someone attempts to log in or otherwise create a session, you can query for all sessions that have been active within a period of time (say 15 minutes), and use the resulting count to tell you how many concurrent sessions are active.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.