is it too obvious to say:
send out the pages w/ an expire time....
set the http session expiration to a desired interval to prevent use after x
minutes...create a logoff function that invalidates their session...
is that too simplistic?
regards,
Mike Conway
cybermaster wrote:
> <%
> if (session != null) {
> session.invalidate();
> }
>
> %>
>
> --peter
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Smith Jason
> Sent: Wednesday, June 13, 2001 6:38 AM
> To: Orion-Interest
> Subject: Force Logon after X minutes
>
> I am custom user-authentication.
>
> The user and groups are in a database and I am using BASIC authentication.
>
> How can I allow users to logoff w/o them closing their browser?
>
> How can I force them to logon again after x minutes?
>
> Thxs,
>
> Jason