Hello, I've tried the latter suggestion with some success, however I still get problems especially when you reload a page without the session-id. Ideally I would like the absence of a session-id to really reforce a login, but it's still picking up any cookie that may have been set. This could be a problem with public access labs where we have no control over what might be set on browsers, and different users might be wandering up to log in after each other (and naturally failing to logout). Of course we can't stop idiots wandering off without logging out with someone else picking up their session immediately, but I'd feel safer without the cookie set!
Thanks! Ben On Tue, 14 May, 2002 05:14, Joshua Chamas wrote: > > You can use the $Session->Abandon method when a user logs out, or can > clear the session when processing the login as in > > %$Session = (); > # then set user authentication data > > If neither of these cover your case, then we can probably get for you > a configuration like: > > PerlSetVar SessionQueryForce 1 > > I can see the value in the configuration, but won't do it unless > there is the need. > > --Josh > _________________________________________________________________ > Joshua Chamas Chamas Enterprises Inc. > NodeWorks Founder Huntington Beach, CA USA > http://www.nodeworks.com 1-714-625-4051 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- Ben Soares tel: +44 (0)131-651 1238 EDINA, Edinburgh University Data Library fax: +44 (0)131-650 3308 Main Library Building, George Square email: [EMAIL PROTECTED] Edinburgh EH8 9LJ, Scotland, UK www: http://edina.ac.uk/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
