Session timeout, has to be top priority!!!

Mark Edwards mark at antsclimbtree.com
Thu Sep 7 23:33:32 CEST 2006


On Sep 7, 2006, at 2:28 PM, Martin Marques wrote:

>
> On Thu, 7 Sep 2006 14:21:30 -0700, Mark Edwards  
> <mark at antsclimbtree.com> wrote:
>> Wait a minute, are you guys really suggesting there should be *no*
>> timeout?  One of the primary uses for a webmail client is to view
>> email on public computers.  I sure as heck want to know that if I
>> somehow fail to logout on a public machine, that my session will be
>> closed for me.
>
> Enlighten me: WHat do you mean with "fail to logout"?

Either forget to logout, or the logout doesn't complete properly for  
whatever reason (temporarily lost communication with the server, etc.)

The point isn't *why* the logout fails, the point is that a session  
timeout is a safety feature in case, for whatever reason, a logout  
doesn't happen.

--
Mark Edwards






More information about the Dev mailing list