In my Client/Server applications I use my own security system that depends on tables in the Database.  

Before I open a session I change the Description property of the session to include information from the machine using the application (i.e. Machine Name, Domain, IP address and the like).  This information is somewhat helpful when informing the user about record locks which I can obtain from the ProcessID and Server SessionLocks.  Unfortunately, in most client organizations, the above information is not all that useful because often station names are numeric or cryptic and are not really helpful in tracking down the person who has an important record locked.

It would be most helpful if I could edit or add additional information to an open session record that could improve the identification of the person using the session.  If I was using the built-in Users/Roles security system then the "user' is already available in the ServerSession record and that would be adequate to identify the user+station who has the record locked.  As described above, unfortunately I do not know who has initiated the session until after the session is active and I can gain access to the tables of the security system..

In short, is there any way we can "edit" a server session record while the session is active?

Norman


I also have security built into the app rather than the database. What I decided to do was to move the login part to the database. Each user is granted administrator privileges but the actual control maintained by the application with the ElevateDB USer ID being the key to my Staff (I was getting confused when I called it users table.

The advantage is that I can make use of ElevateDB's built in features whilst at the same time maintaining the granularity of control I want. Best of both worlds. The users don't notice anything different. The only thing you need to do is alter the user creation / deletion code.

Roy Lambert [Team Elevate]

I do the same as Roy. Use the user DB, but create an additional table "staff" which the app uses to keep track of who a particular user actually is.

Usually all users are admin ... but in a few systems they aren't.