Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Current Version (Old)
 User Authentication question		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

Rob Poretti
Junior Member

Canada
435 Posts
Posted - 02 March 2001 :  15:55:36  Show Profile  Visit Rob Poretti's Homepage
I'm developing a heavily moded version of 3.1 sr2. I have found that when running the forum in Visual Interdev, that when I log off, I can type the URL of any of the admin pages and it takes me there without authenticating.

Is there correct? Or is the there something screwy in my forum? DOes it have to do with running in Visual InterDev? My on-line forum does not have this problem. If I type any of the Admin pages it will send me to login to the Admin pag -- as it should.

HuwR
Forum Admin

United Kingdom
20600 Posts
Posted - 02 March 2001 :  16:08:49  Show Profile  Visit HuwR's Homepage
yes, when you log in to admin_home, it stores your login info as a session variable, which is why it behaves that way
Go to Top of Page

Rob Poretti
Junior Member

Canada
435 Posts
Posted - 02 March 2001 :  17:15:25  Show Profile  Visit Rob Poretti's Homepage
I'm sorry, I'm not sure what I should derive from that statement...

If I am logged oUT, does it still use the same session variable?

If I log out, and then STOP the application in Visual InterDev, does that destroy the session variable? What is the session variable scope?

Sorry to trouble you, here... I guess I missing a basic concept of the session variable.

Cheers!

Rob
Go to Top of Page

Doug G
Support Moderator

USA
6493 Posts
Posted - 02 March 2001 :  19:26:13  Show Profile
A session lasts until the session times-out or you explicitly end it with session.abandon. Logging off the forum code doesn't end your session as far as IIS is concerned. Closing your browser does end your session.

As with any authenticated web site, your credentials are cached in the browser after you successfully log on and don't go away until the browser is closed. I'm not sure if credentials or sessions propagate down to new windows from the parent browser (ctrl-N).

Except for a couple bug versions of IE, sessions do propagate to new windows opened by code.

The net is if you set Session("test") = 1, that value will remain until the IIS session terminates.

There may be something in your InterDev configuration that is making it work differently than your ISP but I don't know what.

======
Doug G
======
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 1.16 seconds. Powered By: Snitz Forums 2000 Version 3.4.07