[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

microsoft.public.dotnet.framework.aspnet.mobile

Identifying user with MMIT

Nik Kalyani

6/8/2002 10:54:00 PM

Is there a way to uniquely identify a user that browses
to my MMIT-based application? Here's what I'm trying to
do:

The first time the user visits my app, they are
authenticated with a username/password combination. Once
authenticated, I want to be able to link a unique device
signature to their account in my database. On subsequent
visits, I want to look up this "device signature" from
the request headers and authenticate them automatically.
(Presuming that the risk of doing this is acceptable for
the app.)

I know that UP browsers send a x-up-subno header which is
effectively the user's encrypted subscriber ID. What
about other service providers? Is there a single header I
can always check or do I pretty much have to do this on a
carrier by carrier basis?

Cheers,

Nik
2 Answers

Tom Nicholas

6/10/2002 9:41:00 PM

0

Problem is the first time he hits your site he uses one
device, say, his laptop.

Second time he visits he uses his cell phone.

What we are doing is using the REQUEST object to identify
the OS, browser version, and a host of other things
including his IP address.

However, most people browse through their ISPs who assign
dynamic IP addresses.

We are choosing to capture their login, IP address, time,
and the like and keeping it in a SQL Server database
table. From there we can run all the stats we want.

Also, since it's a secure site, we use the web.config file
to bounce people to the login screen if they have
bookmarked a page in a prior session and try to jump back
after the session has expired.

Hope this helps,

Tom Nicholas
http://www.tom...

>-----Original Message-----
>Is there a way to uniquely identify a user that browses
>to my MMIT-based application? Here's what I'm trying to
>do:
>
>The first time the user visits my app, they are
>authenticated with a username/password combination. Once
>authenticated, I want to be able to link a unique device
>signature to their account in my database. On subsequent
>visits, I want to look up this "device signature" from
>the request headers and authenticate them automatically.
>(Presuming that the risk of doing this is acceptable for
>the app.)
>
>I know that UP browsers send a x-up-subno header which is
>effectively the user's encrypted subscriber ID. What
>about other service providers? Is there a single header I
>can always check or do I pretty much have to do this on a
>carrier by carrier basis?
>
>Cheers,
>
>Nik
>.
>

Otis Mukinfus

6/11/2002 5:41:00 AM

0

On Mon, 10 Jun 2002 12:41:50 -0700, "Tom Nicholas"
<tnicholas@tommyland.com> wrote:

>Problem is the first time he hits your site he uses one
>device, say, his laptop.
>
>Second time he visits he uses his cell phone.
>
>What we are doing is using the REQUEST object to identify
>the OS, browser version, and a host of other things
>including his IP address.
>
>However, most people browse through their ISPs who assign
>dynamic IP addresses.
>
>We are choosing to capture their login, IP address, time,
>and the like and keeping it in a SQL Server database
>table. From there we can run all the stats we want.
>
>Also, since it's a secure site, we use the web.config file
>to bounce people to the login screen if they have
>bookmarked a page in a prior session and try to jump back
>after the session has expired.
>
>Hope this helps,
>
>Tom Nicholas
>http://www.tom...

[snip]

Tom,

How do you do this with web.config? I sure like that idea. Can you
post a piece of sample code?


Otis M.
http://www....
http://www.otismu...