StrataFrame Forum » StrataFrame Application Framework - V1 » Role Based Security » Session Locking - Questions

Session Locking - Questions

Tim Dol — Mon, 19 Feb 2007 16:15:15 GMT

I am testing out session locking and ran into a problem, and I'm not sure if I am misunderstanding something or have a logic issue.

User 1 is currently logged in on a workstation and performs a session lock (F11). User 2 enters their login credentials in the locked session and becomes the active user. What happens to user 1, are they logged out?

- Can I prevent this from happening by adding code somewhere? I only want to allow the original user access to the locked session, (except for maybe the administrator or security admin). My menu is built based on user permissions and I am having problems because user 2 should see some of the menu options available to user 1.

Thanks

Tim

RE: Session Locking - Questions

Greg McGuffey — Mon, 19 Feb 2007 16:15:15 GMT

Great!

RE: Session Locking - Questions

Trent L. Taylor — Mon, 19 Feb 2007 15:33:38 GMT

It's fixed.

RE: Session Locking - Questions

Greg McGuffey — Mon, 19 Feb 2007 13:13:28 GMT

There was a bug in 1.5.1 where the AfterSessionLock event didn't fire. Was this fixed in 1.6? It wasn't mentioned in the "What's new in 1.6" help topic.

RE: Session Locking - Questions

Trent L. Taylor — Thu, 15 Feb 2007 16:51:13 GMT

Sure, it is below. When you download the 1.6 update, you will see that the docs now have a class library reference. You can get this type of information straight from the reference. You can also use the .NET Object Browser, or just use the intellisense tooltip:

If you'll notice, the method below has the same signature as the highlighted area of the above image. The method name does not matter. You could call it TimsMethod as long as the signatures are the same.

[codesnippet]Public Sub HandleBeforeSessionLock(ByVal sender As Object, ByVal e As EventArgs)
'-- Your code here
End Sub[/codesnippet]

RE: Session Locking - Questions

StrataFrame Team — Thu, 15 Feb 2007 16:45:05 GMT

The handling method should have the same signature as System.EventHandler (the event is a type of System.EventHandler).

Public Shared Sub (ByVal sender As Object, ByVal e As EventArgs)

public static void (object sender, EventArgs e)

RE: Session Locking - Questions

Tim Dol — Thu, 15 Feb 2007 16:42:04 GMT

I would appreciate if you could post it. :)

Thanks

RE: Session Locking - Questions

Trent L. Taylor — Thu, 15 Feb 2007 16:35:55 GMT

You will have to manually create a handler on the SessionLock class. You would add this handler in your AppMain in the InitAPplication method more than likley. It would look something like this:

[codesnippet]AddHandler MicroFour.StrataFrame.Security.SessionLock.BeforeSessionLock, Addressof YourMethodHandler[/codesnippet]

You would then do the same thing for the AfterSessionLock. When you create the "YourMethodHandler" method, just make sure the signature is the same as the event (has the same number of parameters and types of parameters). It would just be a Sub.

[codesnippet]Private Sub YourMethodHandler(...)
'-- Place your code here...
End Sub[/codesnippet]

If you can't determine the signature of the method let me know and I will post it for you. I can't remember it off of the top of my head.

RE: Session Locking - Questions

Tim Dol — Thu, 15 Feb 2007 16:26:10 GMT

Trent, this may be a dumb question, but where would I put this code?

Thanks

RE: Session Locking - Questions

Trent L. Taylor — Thu, 15 Feb 2007 13:47:18 GMT

You can save off the current user in the BeforeSessionLock event. In the AfterSessionLock event you can test to see if the same user has been entered. If not, you can show a message indicating that the same user must be logged back in and then show the login form again.