Session timeout, has to be top priority!!!

Martin Marques martin at bugs.unl.edu.ar
Fri Sep 8 01:26:59 CEST 2006


On Thu, 7 Sep 2006 14:33:32 -0700, Mark Edwards <mark at antsclimbtree.com> wrote:
> On Sep 7, 2006, at 2:28 PM, Martin Marques wrote:
> 
>>
>> On Thu, 7 Sep 2006 14:21:30 -0700, Mark Edwards
>> <mark at antsclimbtree.com> wrote:
>>> Wait a minute, are you guys really suggesting there should be *no*
>>> timeout?  One of the primary uses for a webmail client is to view
>>> email on public computers.  I sure as heck want to know that if I
>>> somehow fail to logout on a public machine, that my session will be
>>> closed for me.
>>
>> Enlighten me: WHat do you mean with "fail to logout"?
> 
> Either forget to logout, or the logout doesn't complete properly for
> whatever reason (temporarily lost communication with the server, etc.)
> 
> The point isn't *why* the logout fails, the point is that a session
> timeout is a safety feature in case, for whatever reason, a logout
> doesn't happen.

Closing the navegator SHOULD kill the session, AFAIK.

So, the only reason I see is if you leave the web browser open.

--
---------------------------------------------------------
Lic. Martín Marqués         |   SELECT 'mmarques' || 
Centro de Telemática        |       '@' || 'unl.edu.ar';
Universidad Nacional        |   DBA, Programador, 
    del Litoral             |   Administrador
---------------------------------------------------------






More information about the Dev mailing list