Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
Chris Broadbent
Starting Member
1 Post |
 Posted - 2001-02-08 : 16:19:41
|
| I have been using LOGIP=Request.ServerVariables("REMOTE_ADDR") and storing that in a users table as a unique identifier for authentication after user has successfully logged-on with User ID/Password. From then on at the top of every ASP page is an include file which checks against the user's IP and an expiry date of midnight. A standard approach. That was until I found that some users had same IP's depending on thier network connection,etc.I am now using session("SessionUserID") which seems to provide a unique integer and doesn't seem to time-out in the usual 20 minutes or less that happens when I use session variables which I am trying to avoid.I can't find much info on session("SessionUserID"), is this a poor idea? Is there anything better to use? |
|
|
|
|
|
Authentication not using an IP address