0

I m really sorry for unclear question title but I am a bit confused about it myself.

I m running my website on IIS and on the top its displaying the username of the user who is currently logged in. my website is hosted on a local server and various users are accessing it simultaneously.

PROBLEM

Each time a user opens the site it displays the username of the previous user who just recently visited the site.

CODE

This is the code I am using on my global.asax file.

       void Session_Start(object sender, EventArgs e)
    {
        // Code that runs when a new session is started        
        // code to get the current user name when running from IIS
        System.Security.Principal.IPrincipal _User;
        _User = System.Web.HttpContext.Current.User;
        System.Security.Principal.IIdentity _Identity;
        _Identity = _User.Identity;
        string _Value;
        _Value = _Identity.Name.Substring(_Identity.Name.IndexOf(@"\") + 1);

 DataTable dtId = CetDatabase.GetEmployeDetails(_Value);
        if (dtId.Rows.Count > 0)
        {
            Session["teamid"] = dtId.Rows[0]["TEAMID"].ToString();
            Session["projectid"] = dtId.Rows[0]["PROJECTID"].ToString();
            Session["memberid"] = dtId.Rows[0]["MEMBERID"].ToString();
            CeteraQMS.Main_Master.projectname = dtId.Rows[0]["PROJECTNAME"].ToString();
            CeteraQMS.Main_Master.username = _Value;
            CeteraQMS.Main_Master.teamname = dtId.Rows[0]["TEAMNAME"].ToString();
            Session["role"] = dtId.Rows[0]["MEMBERROLE"].ToString();
        }
        else
        {
            Response.Redirect("AccessDenied.aspx");
        }
    }

I am not sure where I m going wrong.

Thanks in advance Akhil

akhil
  • 1,202
  • 3
  • 21
  • 43
  • What are you doing with the `_Value` string variable that you initialized in `Session_Start`? Are you storing it somewhere? – Darin Dimitrov Jul 27 '12 at 07:55
  • Can't you just store the username in the session when a user successfully logs in and just print that name? – Ben Ruijl Jul 27 '12 at 07:56
  • @DarinDimitrov i m displaying the username in a label – akhil Jul 27 '12 at 08:05
  • @BenRuijl bassicaly I was doing the same thing earlier but it was returning username as NETWORK SERVICE while running from IIS – akhil Jul 27 '12 at 08:06
  • What label? `_Value` is a local variable to the Session_Start method. Where are you storing it? Because what you have shown as code, you know, at the moment the execution engine hits the closing `}` your `_Value` local variable departs into the void. – Darin Dimitrov Jul 27 '12 at 08:12

1 Answers1

1

This here:

CeteraQMS.Main_Master.username = _Value;

looks like setting a property on a static object. The Main_Master property looks like a static property on the CeteraQMS class (whatever those are). And as you know static objects are shared among all users in the application. So don't use any static objects to store state that is specific to the current user only. If you want to store the username and other user specific properties, it's better to store them into the Session, the same way you did with the teamid, projectid, memberid and role values.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928