Invalidating session on window close

Rated 4.33/5 based on 723 customer reviews

If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof.If you receive this message in error, please notify the sender immediately and delete all copies of this message.There must be some kind of session information on the server side, right? The auth_tk stuff is here: https://github.com/ckan/ckan/blob/c260d58387167c660c4981b0305d514693064e20/ckan/lib/auth_and what appears to be the session handling is here: @rossjones I don't think that applies to the cookie based auth, but only to the beaker session.Shouldn't it be possible to delete that once a user logs out, so that actually the session is not valid anymore? However, I think it could be possible to use the beaker session as the identity store, instead of pure cookie-based, using something like https://github.com/kaukas/repoze.who-use_beaker.He wants to invalidate session on clicking window's close button./Ashwani -----Original Message----- From: [hidden email] [mailto:[hidden email Sent: Tuesday, March 21, 2006 PM To: Struts Users Mailing List Subject: Re: Invalidating a session using JAVASCRIPT Hi Sahil, I believe this can be done by implementing the Http Session Binding Listener Interface.Thank you --------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] Ya that's right.

||

If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof.

If you receive this message in error, please notify the sender immediately and delete all copies of this message.

There must be some kind of session information on the server side, right? The auth_tk stuff is here: https://github.com/ckan/ckan/blob/c260d58387167c660c4981b0305d514693064e20/ckan/lib/auth_and what appears to be the session handling is here: @rossjones I don't think that applies to the cookie based auth, but only to the beaker session.

]]

We do not have to inform the container about such objects explicitly via the deployment descriptor.

So afaik this means the session is never really invalidated on the server side.

By looking at the code I don't really understand how it works.

--------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] I have not tested this by summiting to a servlet.

But, I am sure on Unload() works when you click on browser 'X; Chandra -----Original Message----- From: [hidden email] [mailto:[hidden email Sent: Tuesday, March 21, 2006 PM To: Struts Users Mailing List Subject: Re: Invalidating a session using JAVASCRIPT Hi Sahil, I believe this can be done by implementing the Http Session Binding Listener Interface.

||

We do not have to inform the container about such objects explicitly via the deployment descriptor.So afaik this means the session is never really invalidated on the server side.By looking at the code I don't really understand how it works.--------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] I have not tested this by summiting to a servlet.But, I am sure on Unload() works when you click on browser 'X; Chandra -----Original Message----- From: [hidden email] [mailto:[hidden email]] Sent: Tuesday, March 21, 2006 PM To: Struts Users Mailing List Subject: Re: Invalidating a session using JAVASCRIPT Hi Sahil, I believe this can be done by implementing the Http Session Binding Listener Interface.

]]

Leave a Reply