Aricie
The DNN Expert for your web project
Forum
HomeHomeExpert ModulesExpert ModulesPortalKeeperPortalKeeperDetect multiple connections from an internal network sharing public IPDetect multiple connections from an internal network sharing public IP
Previous
 
Next
New Post
1/5/2016 10:37 PM
 
Hello, Portal Keeper lets be configured to avoid multiple connections so that multiple users of an internal network to share a public IP address, can not log on with a particular user from different PCs on that network?
 
New Post
1/6/2016 1:09 PM
 

Hi,

 that should be possible, yes, through the dedicated default "Simultaneous Connections Detection" Firewall rule to be configured accordingly.

You can customize the corresponding "Catch Multiple connections" condition, specifically to :

  • uncheck "Returning Only", so that a new connection is not possible rather that the original computer being logged off (the default policy is "no coming back to the original computer").
  • switch the "Discrimination Source" from "XForwarded IP" to "Session" to support your case of an internal network with shared public IP.

You can also customize the resulting sequence of actions, such as the email template sent to the account holder, or maybe in order to add a redirection to a page with a dedicated message (see "Critical Accounts Protection" for an example of such an action that you can copy), or to directly display a page message to the user (see "Warn IE 6 Users" for an example of such an action that you can copy)

Regards


Jean-Sylvain Boige CTO - Aricie
 
New Post
1/6/2016 10:04 PM
 
Thanks for your answer, but I must tell you that following the letter to your recommendations, yet detects me like simultaneous sessions for different users in different PCs from my internal network. 

 

Also when it detects a "Connection simultaneous " sends several notices by email.

Please if you can help me about it I thank you in advance.

 
New Post
1/7/2016 5:04 PM
 
Hermes wrote:
Thanks for your answer, but I must tell you that following the letter to your recommendations, yet detects me like simultaneous sessions for different users in different PCs from my internal network. 

 

Also when it detects a "Connection simultaneous " sends several notices by email.

Please if you can help me about it I thank you in advance.

 

This seems unintended behavior indeed. With the above configuration, you should have:

When a single account logs in from 2 computers or from 2 browsers similarly (or one in regular mode and one in private mode, session being stored in cookie), without "returning only" checked, the 2nd user should get logged off (otherwise, the 1st one will trigger detection). An email should be sent each time a detection is triggered, that is each time a new connection is attempted in your case, or each time a returning user logs in with "returning only" checked.

I guess I should do some tests to see if for some reason the rule stopped working correctly. 

I'll get back to you when I know more about it, and if it's a bug I'll send you a patch.


Jean-Sylvain Boige CTO - Aricie
 
New Post
1/12/2016 12:26 PM
 

Hi,

 I could do some tests, and there seems to be a race condition causing interference with the locking mechanism upon signing off.

Here's a link to a patch that should fix the issue. In order to apply the patch, unzip and replace the corresponding assembly files in your bin folder.

I could test both of the above scenarios with success, with session as a discrimination source with same IP shared (returning only checked = people keep stealing the session and unsign each other / returing only checked = any new connection is rejected)

The next release will include the fix.

Regards


Jean-Sylvain Boige CTO - Aricie
 
New Post
1/25/2016 5:54 PM
 
Thank you very much, the patch is working properly
 
Previous
 
Next
HomeHomeExpert ModulesExpert ModulesPortalKeeperPortalKeeperDetect multiple connections from an internal network sharing public IPDetect multiple connections from an internal network sharing public IP