New User Verification - Commercial Forums :: How do I... - Web, Cloud & Mobile Applications Delivery and Migration Platform

Rich web/cloud/mobile app delivery

Search Forum Home

Forum Commercial Foru... Commercial Foru... New User Verification

1/7/2010 7:43 PM

	derekmhart@yahoo.com
685 posts

Re: New User Verification

Modified By derekmhart@yahoo.com on 1/7/2010 11:25:55 PM)

Ori gave this info:

1. When sending the e-mail save whatever session and context variables you need to a Database + of course a logged-in true state, per user.
2. On Global.asax Session_end you will change the logged-in state of the user in the Database to false.
3. When the e-mail is sent the user can close the browser window he/she used.
4. The link from the e-mail will cause the receiving server to load the logged-in state of the user.
5. If the logged-in state is true, all the session and context variables will be loaded and will be used to update the server state in the current session, including Session.IsLoggedOn = true; .

But does this really solve the unpredictability problem? If a user is logged on, and loads another browser window, that window might have some indeterminate state happening. Is there any event that can tell the user another browser window has the user logged on. More importantly, I really can't log on as two separate users ever, can I? Not that I need my site to do that, but I guess that is a problem. More thoughts welcome...

I just ran a test to see if my login form code runs if I open another window, and it does not. So I really am opening up just in the middle of a session. Yuck! How can I fix?

**************************************************************

OK, more research - I see this is a big problem for developer... take a look at http://msdn.microsoft.com/en-us/library/ms972976.aspx

I wish there was some way of detecting when I am in a different window... let me know your thoughts...

Back to one of the main areas this is a problem... when sending a link to a new user to authenticate an email address... and for some reason that user is already logged in as somebody else, perhaps a coworker is logged in. But then the link is used to authenticate a with a "post" prefix (so VWG knows to read the querystring). I am not sure how to check for the querystring. The form load event does not happen again when opening a new browser window. So the web site will just hang... thougts?!? Perhaps don't even load the main VWG program when using this authentication process... maybe load a different VWG app or a plain old asp.net page that tells the user that authentication has occurred... with a link to the main VWG app?

1/8/2010 12:00 AM

	palli
11189 posts

Re: New User Verification

Hi Derek,

This all comes down to the fact that the browser is using the same session for all it's tabs and windows. This is different between browsers and for those that don't this isn't a problem. For those that do, this is a problem.

If your main concern is the registration process, you can minimize the risk by somehow have the session terminated. One way is using the 5 steps. Another way is just terminate the session. But even that does not solve your problem, as if the user follows the registration link to login and then switches to the other tab, that tab will after a refersh follow what's on the first tab.

You can build your new user link with query strings and you can force the load event on the form to fire and all that, but if the new user logs in like that and then switches to the second tab, and for simplicity let's assume he refreshes the browser on that second tab, he/she will see the same on both tabs as this is the same session and mainform.

You can find information on query strings and how to use them on the wiki Parameters page here.

Using unique querystring for each such link will make the load event fire again. You can try this on a simple form by using first the address http://yoursite/Form1.wgx and then use http://yoursite/Form1.wgx?Myparm=1 and then http://yoursite/Form1.wgx?Myparm=2. the load event will fire in all those cases. So, if your new user link has unique ID as a query parameter, it will fire agin. And as it does, you have the opportunity to handle what you need in the load event. It does not change the fact, that when back to that other tab, you will see the same as the first tab after it's been refreshed.

And by the way, in version 6.4 you can have two different users logged into your application on the same session, provided they use different mainforms. You can have one user on Form1.wgx, while another user on Form2.wgx.

As I said, I will ask around, and if we come up with anything, we will let you know.

Palli

Páll Björnsson - Visual WebGui support team - Email: support@visualwebgui.com

1/8/2010 9:18 AM

	derekmhart@yahoo.com
685 posts

Re: New User Verification

How would you use different MainForms for each user in 6.4?

1/8/2010 1:35 PM

	palli
11189 posts

Re: New User Verification

Hi Derek,

Check the Wiki authentication page here. It contains a recent codesample for exactly that.

Palli

Páll Björnsson - Visual WebGui support team - Email: support@visualwebgui.com

1/10/2010 12:05 AM

	ori.cohen
4383 posts

Re: New User Verification

Hello Derek,

Maybe this will help:
There is a way to force use of a different VWG context, even when running from the same browser.
This can be done using the "vwginstance" query string parameter. The value of this parameter is numeric and begins with the value "1" which is the default.
Every consecutive new context that is opened on the session gets a number that is inceremented by 1.

You could use this from the URL you provide in the e-mail, to have the user get a fresh new application, even if it opens on a new tab on the same browser the original application was or still is opened on.

Regards,

Ori Cohen
Support Manager, the Visual WebGui team