Limit number of simultaneous users access

Scriptcase 9 General
#1

What would be a good way to limit the number of simultaneous users access into the system, say for user license purpose?
I used the SC auto generated security feature and it has a very good control on user login. However, I am trying to limit the number of simultaneous login to my system.

I tried to use the sec_UserGroupLogged table to limit the count of the records to say less than or = 5, however, I later realized that if the users do not logout properly and just quit the system by clicking the browser’s close button (x), the record of the user login would just hang inside the sec_UserGroupLogged table until the next time the user logs in again… Due to this, I am unable to use the record count to limit the number of simultaneous users to my system.

Any ideas?
Help please… thanks

GT

#2

There’s no real solution for your problem. Look at Scriptcase itself, if users are logged in more than once (because an old session exists) it will request to logout one of the users.

You might want to keep track of the duration of a session and if you think that the amount of concurrent users is reached find a user who can automatically logged out. But a real safe method is difficult.

#3

Hm…:frowning:

#4

I just read quite a bit about the session etc, and yes, it is very true to manage the live session ID in a web environment.

If that is the case, then I would have to limit the creation of the users. Say if I only allow 5 concurrent users, then the record count in sec_UserGroups_Users would be limited to 5. This way even if the users close the browser without proper logout, I can still manage that, at any one time, a maximum of 5 users are allowed to enter to the system.

GT

#5

I wonder how you are going to do that. If a user closes the browser then the old session persists. How can you see that this session is not active any more? It’s the problem of sc itself, sometimes we cannot login due to the amount of sessions exceeded. We have a 4 user licence and only 2 people are continuously developing. Sometimes sessions tend to ‘hang’. Since a user can have more than one login, he/she can kill this session legally…

#6

HI Geotsv,
I can control live sessions using http://pusher.com/ only one user can use same account at the same time, and when the user close the browser the session ends.
This is because when the users logins to your app in sc, in background he log into the pusher channel and if other user wants to use the same account, you can verify that the first user its still in the channel, when the user closes the browser window pusher logout the user from the channel.

Pusher are Websockets so you dont need to make request every second to see if the user is alive like in AJAX, Websockets are smart so the server only send information when the information is there for the client.

You can find a lot of examples in their website.

I use Pusher and Scriptcase to the following taks:

  • User session control / one per user
  • Livechat support
  • Send notifications to current logged users like a “Global realtime message”
  • To send notifications when another user login to SC app

Etc.

#7

[h=3]Pusher is great for…[/h]

  • Chat
  • Activity Streams
  • Notifications
  • Collaboration
  • Multiplayer games
  • Realtime data
  • Dashboards
  • 2nd Screen experiences
#8

Albert,

What I meant was to just allow the creation of 5 users, say for a 5 users license. 5 User names will only allow the log on of 5 users. We can’t limit the number of sessions but at least we could limit the creation of users within the system. At anytime even if the users record is hang within the DB, it won’t mater cause if another user is to log in, this user would be considered legitimate because his name is already in the username list in the DB. If the user that has his record hangs within the DB logs in, SC will prompt to overwrite and clear the old record and register a new datetime in!

GT