Re: Clear Login

From: chris@nospam.com
Date: 11/09/02

• Next message: : "T-H-U-N-D-E-R-S-T-O-N-E in access-log"
• Previous message: : "Re: How prevent outside access to user information?"
• In reply to: Barry Margolin: "Re: Clear Login"
• Next in thread: those who know me have no need of my name: "Re: Clear Login"
• Next in thread: those who know me have no need of my name: "Re: Clear Login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: chris@nospam.com
Date: Fri, 08 Nov 2002 19:24:03 -0800

On Fri, 08 Nov 2002 15:26:54 GMT, Barry Margolin <barmar@genuity.net>
wrote:

>In article <aqffil$8g2$1@canopus.cc.umanitoba.ca>,
>Walter Roberson <roberson@ibd.nrc.ca> wrote:
>>In article <aqevb2$o8i$1@bob.news.rcn.net>,
>>Omar Bohsali <omarbohsali@omarbohsali.com> wrote:
>>:I have an htaccess system set up. It works fine. One problem. After somebody
>>:logs in, they are "always" logged in for a period of several days. How can I
>>:make it that when the user closes the browser window, that they have re
>>:enter their username and password?
>>
>>Credentials are held by the -browser-, not by the -window-. If they
>>weren't, you'd have to put in your password for every frame.
>>
>>What do you want to have happen if the user has multiple windows open
>>to your site?
>>
>>If you want to force credentials to be per-window then you're probably
>>going to have to get into using java to manage the connection.
>
>Most web sites that want to perform this level of control don't seem to use
>htaccess or HTTP passwords at all. Instead, they require the user to fill
>out a login form on the web page itself, and make use of cookies to keep
>track of the session. There's usually a "Logout" link on the web pages
>that invalidates the cookie, and it can also have an associated timer.
>
>I'm sure the folks in comp.infosystems.www.authoring.* can provide better
>explanations of how to implement this stuff than we can.

This might be a simple case of the browser caching the page. Try
adding the correct verbage to disable caching or set a short life.

---

• Next message: : "T-H-U-N-D-E-R-S-T-O-N-E in access-log"
• Previous message: : "Re: How prevent outside access to user information?"
• In reply to: Barry Margolin: "Re: Clear Login"
• Next in thread: those who know me have no need of my name: "Re: Clear Login"
• Next in thread: those who know me have no need of my name: "Re: Clear Login"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Clear Login ... >:I have an htaccess system set up. ... >:make it that when the user closes the browser window, ... Most web sites that want to perform this level of control don't seem to use ... out a login form on the web page itself, and make use of cookies to keep ... (comp.security.misc) Re: How to clear Cookies? ... Just do not set Expires attribute on cookie and it will expire when session ... ends (usually when user closes browser window). ... Scripting/HTA/.Net Framework IDE ... I use cookies to check user's access right, ... (microsoft.public.scripting.vbscript) Re: [PHP] php sessions ... >> browsers have different behaviors. ... >> pass a cookie from a new browser window. ... the same cookies whereas starting a whole new instance may not. ... (php.general) Re: How to stay logged in ... I know I should use cookies, ... Space: disk usage analysis tool ... (comp.lang.php)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)