On Thu, Jan 16, 2014 at 3:25 AM, William Ray Wing <w...@mac.com> wrote: > On Jan 15, 2014, at 7:52 AM, Chris Angelico <ros...@gmail.com> wrote: >> One of the fundamentals of the internet is that connections *will* >> break. A friend of mine introduced me to Magic: The Gathering via a >> program that couldn't handle drop-outs, and it got extremely >> frustrating - we couldn't get a game going. Build your server such >> that your clients can disconnect and reconnect, and you protect >> yourself against half the problem; allow them to connect and kick the >> other connection off, and you solve the other half. > > But note VERY carefully that this can open HUGE security holes if not done > with extreme care. > > Leaving a dangling connection (not session, TCP closes sessions) open is an > invitation so bad things happening.
Not sure what you mean here. I'm assuming an authentication system that stipulates one single active connection per authenticated user (if you reauthenticate with the same credentials, it'll disconnect the other one on the presumption that the connection's been lost). In terms of resource wastage, there's no difference between disconnecting now and letting it time out, and waiting the ten minutes (or whatever) and then terminating cleanly. Or do you mean another user gaining access? It's still governed by the same authentication. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
