e-CM has many unknown and unhighlighted features. I will be blogging some of these features over the coming weeks to help highlight these items and give everyone some insight into what can be done with e-CM out of the box.
SCTrackLoggedInUsers and SCBlockSimultaneousUsers are two parts of a security tracking system. If either one is enabled (see ApplicationOriginal.cfm lines 345-370), the system builds a mechanism to record which users are logged in, what their location is within any pages under the /AM directory, when they got to that location, what their ContactID is and, finally, what their CFID and CFTOKEN are.
So what is this tracking used for? Two things:
1) Blocking simultaneous login with the same credentials: If SCBlockSimultaneousUsers is enabled, the system checks whether someone with the same ContactID is already logged in by examining the mechanism above. If someone with that ContactID is already logged in, it then checks whether the CFID and CFTOKEN of that user match the information stored above. If they match, the system knows it is the same person, who must have accidentally closed their browser, so it lets them back in. If the CFID and CFTOKEN do not match, the system assumes this is someone else entirely, since they are coming from a different browser, and it will not let them in, UNLESS the time limit for inactivity has passed. This time limit is determined by another application variable, SCMinutesToBlockUser. If the inactivity time has passed, then the user can log in. This is all meant to keep people from sharing the same login credentials and using them at the same time. If the user cannot log in after all of this, they are presented with the message stored in SCSimulUserBlockedMessage. If the user logs out by actually hitting our standard logout page, then all their information is cleared, and they can log back in without any problems.
2) Tracking: To view where users are in the system, and whether the above mechanism has been enabled, you can go to /AM/Admin/Security/showLoggedInUsers.cfm. This interface shows you all the people who have logged into CM, their names, email addresses, iMIS IDs, current location and when they got to that location. This page also provides a mechanism for unlocking any specific person or all people in the system. For example, if someone calls the organization saying they cannot log back in because they are getting blocked, an admin can come to this page and unblock that specific user to allow them to log in. The page that unblocks users is at /AM/Admin/Security/clearSimUserBlock.cfm
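The login decision in item 1 and the unblock in item 2, modelled in Python as an added example (this is not e-CM's ColdFusion code). The class and method names, the record layout, the starting location "/AM/" and the way inactivity is measured are assumptions; only the setting names in the comments come from the post.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Tracked:
    cfid: str
    cftoken: str
    location: str
    arrived_at: datetime  # when the user reached `location`

class LoginTracker:
    """Model of the per-ContactID tracking record (structure is assumed)."""
    def __init__(self, minutes_to_block, blocked_message):
        self.limit = timedelta(minutes=minutes_to_block)  # SCMinutesToBlockUser
        self.blocked_message = blocked_message  # SCSimulUserBlockedMessage
        self.sessions = {}  # ContactID -> Tracked

    def try_login(self, contact_id, cfid, cftoken, now):
        """Return (allowed, message), checking in the order item 1 describes."""
        cur = self.sessions.get(contact_id)
        if cur is not None:
            same_browser = (cur.cfid, cur.cftoken) == (cfid, cftoken)
            # Assumption: idle time runs from the last recorded arrival; == limit is "passed".
            still_active = now - cur.arrived_at < self.limit
            if not same_browser and still_active:
                return False, self.blocked_message
        self.sessions[contact_id] = Tracked(cfid, cftoken, "/AM/", now)
        return True, ""

    def touch(self, contact_id, location, now):
        """Record a page view under /AM, which restarts the inactivity clock."""
        cur = self.sessions.get(contact_id)
        if cur is not None:
            cur.location, cur.arrived_at = location, now

    def clear(self, contact_id=None):
        """Logout or admin unblock: forget one ContactID, or everyone if None."""
        for cid in list(self.sessions) if contact_id is None else [contact_id]:
            self.sessions.pop(cid, None)

def scenario():
    """Constructed walk-through: one ContactID, two browsers, 20-minute limit."""
    t0, tr = datetime(2024, 1, 1, 9, 0), LoginTracker(20, "Login already in use.")
    a, b = ("111", "aaa"), ("222", "bbb")  # constructed CFID/CFTOKEN pairs
    at = lambda m: t0 + timedelta(minutes=m)
    return [tr.try_login("1001", *a, at(0))[0],   # first login: allowed
            tr.try_login("1001", *b, at(5))[0],   # other browser: blocked
            tr.try_login("1001", *a, at(6))[0],   # same browser returns: allowed
            tr.try_login("1001", *b, at(26))[0]]  # limit passed: allowed
```

In this model a blocked attempt does not overwrite the stored record, so the original browser keeps its session until it goes idle, logs out, or is cleared.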
I know this is a lot to cover. I hope it helps. If you have further questions, please post them here so that everyone can learn about this unknown feature of CM.
Using a SQL Query for Security
I'm not sure if this is a hidden feature, trick or what, but can users still create security based upon a SQL query in eCM? I do not see anything documented. If so, can someone elaborate?