That is correct with our current implementation. In our computer labs, we strongly instruct that students log completely out of the computer, in effect closing the browser. In administrative or faculty offices, users lock their computers when they walk away and, being a small university, we have the luxury of knowing when a "stranger" is around. Without going into large security discussions, it's been this way for over two years and there has never been an issue with it. In fact, I always leave my computer unlocked, but I have an office with a lockable door. However, I have been considering adding a timeout so that users must log back in when their sessions expire. It would sure make my coding much easier. BTW, all the boozers our in our IT dept. ;-)
_____ From: Mike Kear [mailto:[EMAIL PROTECTED] Sent: Tue 11/2/2004 9:30 PM To: CF-Talk Subject: Re: Session Management Michael, does this mean if a logged-in user goes off to lunch without logging out, their machine is still logged in (in effect) all day (if it's a long lunch with the sales department booze-heads) or even all night too? Isn't that a security risk? Cheers Mike Kear Windsor, NSW, Australia AFP Webworks http://afpwebworks.com .com,.net,.org domains from AUD$20/Year On Tue, 2 Nov 2004 20:35:13 -0600, Dawson, Michael <[EMAIL PROTECTED]> wrote: > I just store login information in a cookie. Then, if the session has > timed out, I reload the session using the login information that is > stored in the cookie. The user never knows they lost their session due > to inactivity. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Purchase from House of Fusion, a Macromedia Authorized Affiliate and support the CF community. http://www.houseoffusion.com/banners/view.cfm?bannerid=34 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:183254 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
