I am using "windows" authentication mode.  I would like to store the
username and various information when the user logs on to the website.
Any ideas?

It would be a bonus to store the logout time too but I hear that is
difficult and unreliable but if anyone knows a way to do that too I am
all ears.


(Visual Studio 2005, Asp.net 2.0, Visual Basic)

Hi Mel,
if you are using windows authentication IIS is responible for authenticating 
your user. Do you allow anonymous users to access your application? If no you 
can handle your login in Session_Start. Handling logout is difficult because 
if user closes browser you do not receive any information about it (unless 
you build some mechanism to ping application from browser in short 
intervals). You also can fully believe to Session_End because it is raised 
only if session is running InProc = locally in asp.net worker process.

Regards,
Ladislav

"Mel" wrote:


> I am using "windows" authentication mode.  I would like to store the
> username and various information when the user logs on to the website.
> Any ideas?
> 
> It would be a bonus to store the logout time too but I hear that is
> difficult and unreliable but if anyone knows a way to do that too I am
> all ears.
> 
> 
> (Visual Studio 2005, Asp.net 2.0, Visual Basic)
> 
> 

*You also cannot believe to Session_End ...

"Ladislav Mrnka" wrote:


> Hi Mel,
> if you are using windows authentication IIS is responible for authenticating 
> your user. Do you allow anonymous users to access your application? If no you 
> can handle your login in Session_Start. Handling logout is difficult because 
> if user closes browser you do not receive any information about it (unless 
> you build some mechanism to ping application from browser in short 
> intervals). You also can fully believe to Session_End because it is raised 
> only if session is running InProc = locally in asp.net worker process.
> 
> Regards,
> Ladislav
> 
> "Mel" wrote:
> 
> > I am using "windows" authentication mode.  I would like to store the
> > username and various information when the user logs on to the website.
> > Any ideas?
> > 
> > It would be a bonus to store the logout time too but I hear that is
> > difficult and unreliable but if anyone knows a way to do that too I am
> > all ears.
> > 
> > 
> > (Visual Studio 2005, Asp.net 2.0, Visual Basic)
> > 
> > 

On Aug 15, 10:14 am, Ladislav Mrnka
 wrote:

> Hi Mel,
> if you are using windows authentication IIS is responible for authenticating
> your user. Do you allow anonymous users to access your application? If no you
> can handle your login in Session_Start. Handling logout is difficult because
> if user closes browser you do not receive any information about it (unless
> you build some mechanism to ping application from browser in short
> intervals). You also can fully believe to Session_End because it is raised
> only if session is running InProc = locally in asp.net worker process.
>
> Regards,
> Ladislav
>
> "Mel" wrote:
> > I am using "windows" authentication mode.  I would like to store the
> > username and various information when the user logs on to the website.
> > Any ideas?
>
> > It would be a bonus to store the logout time too but I hear that is
> > difficult and unreliable but if anyone knows a way to do that too I am
> > all ears.
>
> > (Visual Studio 2005, Asp.net 2.0, Visual Basic)


Cool.  I will just add a Global.asax to my project and try adding my
code to the Session_Start procedure.  I'll post the code here when I
get it finished.

On Aug 15, 10:42 am, Mel  wrote:

> On Aug 15, 10:14 am, Ladislav Mrnka
>
>
>
>  wrote:
> > Hi Mel,
> > if you are using windows authentication IIS is responible for authenticating
> > your user. Do you allow anonymous users to access your application? If no you
> > can handle your login in Session_Start. Handling logout is difficult because
> > if user closes browser you do not receive any information about it (unless
> > you build some mechanism to ping application from browser in short
> > intervals). You also can fully believe to Session_End because it is raised
> > only if session is running InProc = locally in asp.net worker process.
>
> > Regards,
> > Ladislav
>
> > "Mel" wrote:
> > > I am using "windows" authentication mode.  I would like to store the
> > > username and various information when the user logs on to the website.
> > > Any ideas?
>
> > > It would be a bonus to store the logout time too but I hear that is
> > > difficult and unreliable but if anyone knows a way to do that too I am
> > > all ears.
>
> > > (Visual Studio 2005, Asp.net 2.0, Visual Basic)
>
> Cool.  I will just add a Global.asax to my project and try adding my
> code to the Session_Start procedure.  I'll post the code here when I
> get it finished.


I successfully added the Global.asax as a new item in my Visual Studio
2005 web project.  I set some session variables and then store the
user, company and session id in an access database table called "Web
User Log".  I was not successful in setting the session end time; it
just wasn't possible because my session state mode is not set to
InProc so I dismissed the idea.  Here is the code if anyone is
interested....
Thanks to everyone for your help.

    Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs)
        ' Code that runs when a new session is started
        Session("IsDeveloper") = False

        'Set session variables
        If Not
IsNothing(Context.User.Identity.Name.Substring(Context.User.Identity.Name.LastIndexOf("\")
+ 1)) Then
            Session("CurUser") =
Context.User.Identity.Name.Substring(Context.User.Identity.Name.LastIndexOf("\")
+ 1)
            Dim CurDom As String = "DC=mydomain, DC=local"
            Dim LdapSvr As String = "mydomain.local"
            Dim LdapPath As String = "LDAP://" & LdapSvr & "/" &
CurDom & ""
            Dim DirEnt As DirectoryEntry = New
DirectoryEntry(LdapPath)
            Dim ds As DirectorySearcher = New
DirectorySearcher(DirEnt, "(sAMAccountName=" & Session("CurUser") &
")")
            ds.PropertiesToLoad.Add("mail")
            ds.PropertiesToLoad.Add("sn")
            ds.PropertiesToLoad.Add("givenName")
            ds.PropertiesToLoad.Add("company")
            ds.PropertiesToLoad.Add("st")
            ds.PropertiesToLoad.Add("l")
            ds.PropertiesToLoad.Add("department")

            Dim sr As SearchResult = ds.FindOne
            Session("SN") =
sr.GetDirectoryEntry().Properties("sn").Value
            Session("GivenName") =
sr.GetDirectoryEntry().Properties("givenName").Value
            Session("mail") =
sr.GetDirectoryEntry().Properties("mail").Value
            Session("Company") =
sr.GetDirectoryEntry().Properties("company").Value
            Session("St") =
sr.GetDirectoryEntry().Properties("st").Value
            Session("city") =
sr.GetDirectoryEntry().Properties("l").Value
            Session("department") =
sr.GetDirectoryEntry().Properties("department").Value
        End If

        If UCase(Session("CurUser")) = "DEVDUDE1" Or
UCase(Session("CurUser")) = "DEVDUDE2" Then
            'don't store login date/time for the web developers who
repeatedly log in and out while debugging.
            Session("IsDeveloper") = True
        Else
            If Not Session("CurUser") Is Nothing Then
                'now writing user name and login time to the WebBMQ
database Web User Log table upon new session
                Dim strConn As String = "Provider=Microsoft.Jet.OLEDB.
4.0;Data Source=\myserver\webbmq.mdb;"
                Dim conWebOrdNum As New
System.Data.OleDb.OleDbConnection(strConn)
                Dim strIns As String = "INSERT INTO [Web User Log]
([User],[Company],[Date/Time of Entry], [Session ID]) VALUES
(?,?,?,?)"
                Dim cmdIns As New
System.Data.OleDb.OleDbCommand(strIns, conWebOrdNum)
                conWebOrdNum.Open()
                If Session("CurUser") Is Nothing Then
                Else
                    cmdIns.Parameters.AddWithValue("User",
Session("CurUser").ToString)
                End If

                If Session("Company") Is Nothing Then
                Else
                    cmdIns.Parameters.AddWithValue("Company",
Session("Company").ToString)
                End If

                If Session("CurUser") Is Nothing And
Session("Company") Is Nothing Then
                Else
                    cmdIns.Parameters.AddWithValue("Date/Time of
Entry", Now.ToString)
                    cmdIns.Parameters.AddWithValue("Session ID",
Session.SessionID.ToString)
                End If
                cmdIns.ExecuteNonQuery()
                conWebOrdNum.Close()
            End If
        End If
    End Sub

You can put that into the Session_Start event in the Global.asax. In 
fact, I don't see why you can't put the logout code in the Session_End 
event. The logout time may not be accurate to the minute, because of the 
session timeout, but you can get it pretty close...



Steve C.
MCAD,MCSE,MCP+I,CNE,CNA,CCNA


Mel wrote:

> I am using "windows" authentication mode.  I would like to store the
> username and various information when the user logs on to the website.
> Any ideas?
> 
> It would be a bonus to store the logout time too but I hear that is
> difficult and unreliable but if anyone knows a way to do that too I am
> all ears.
> 
> 
> (Visual Studio 2005, Asp.net 2.0, Visual Basic)
>