Scott Cadillac wrote:
Hi Stephen,
Are your frame SRCs all pointing at the same domain they logged into? Remember https://domain.com != https://www.domain.com
Also try removing the <@USERREFERENCEARGUMENT>
I can't help but wonder what else is going on with your frame (or related) code (HTML/JavaScript). What you are describing is fairly standard stuff, and shouldn't be a problem.
What logic are you using that determines when a user should be "thrown back to the login screen" ?
Let us know, when you have a moment. Cheers...
-----Original Message----- From: Stephen Su <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Wed, 18 Feb 2004 15:32:12 -0500 Subject: Re: Witango-Talk: Secured User Access
Scott,
Thank you for your help and advice. I wasn't purposefully vague but rather my situation is somewhat alluding me right now.
In short, we have tested multiple versions of the login taf in which we
did everything from separation of the taf itself into various components all the way to substituting the frame-set with a single page
taf. The user seems get validated just fine, because we register and update their "last visited on" profile. But the frameset page comes right after and that's when they are thrown back to the login screen. The only way we are able to avoid this is by substituting with a non-frame-set page. In each of the "src URL(s)" we do have the UserReferenceArgument variable passed.
I hope that's more clear than before. Please let me know if you need to
know more.
Best, Stephen
On Feb 18, 2004, at 12:48 PM, Scott Cadillac wrote:
Hi Stephen,which
Please describe in detail what you mean by "but then are kicked back out
of the site". This is kind of a vague description of the problem,
will likely lead to some vague answers.
Here's me vague answer:
A trend I'm noticing lately with Home computers over Office ones, is the
rapid adoption of Popup and Cookie blocking add-ons for browsers. And
trouble.of course, people don't know how to properly set them.
For the most part, by default these add-ons compensate for "session-
cookies" so they don't break Sessions necessarily - but if your code
relies on any other kind of cookies, then you're users are in
myI say this, because I notice Office computer "policies" are slower to adopt (or allow install) these kinds of downloadable "free" add-ons.
Lately I've taken to using some of these add-ons myself to make sure
systems keep working. And I noticed two things:
~~ Never rely on standard cookies (session-ccokies are still fine).
~~ Popup window killers are not very smart, and sometimes can't tell the
difference between a user-invoked "window.open" and an event-
invoked "window.open" call.
Hope this helps. Cheers....
Scott Cadillac, 403-281-6090 ~ [EMAIL PROTECTED] ------------ XML-Extranet ~ http://xmlx.ca ~ http://forums.xmlx.ca Well-formed Programming in C# .NET, Witango, MSIE and XML ------------ Witango ~ http://witango.org EasyXSLT ~ http://easyxslt.ca IIS Watcher ~ http://iiswatcher.ca ------------
-----Original Message----- From: Stephen Su <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Wed, 18 Feb 2004 09:10:32 -0500 Subject: Witango-Talk: Secured User Access
We have a site completely built on witango that is accessed via. the
"https" gateway. It is built around multiple frames. When people try
areto
login, they seem to make it into our validation process, but then
andkicked back out of the site. This happens only on windows machines
ormostly on XP. No clients have problem from their office computers, most
occurrences only happen at home. Is there a security setting in XP
______________________________________________________________________any of the windows systems that's causing this? Any other common experiences?
Please advise, Stephen
________________________________________________________________________
_
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
_
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf