Hi,
If you just close one instance of your browser, the session may still be open on the server. So when you re-open a new instance of your browser, it will reuse the same session (default timeout for Tomcat session is 30 minutes in the Jahia distrib). Else this is also closely related to the version of the application server you are using. In some version of Tomcat, closing Tomcat and directly relaunching it was keeping the sessions open. Session management is not directly related to Jahia but to the underlying app server.
Finally regarding cookie, the code is already available in the CVS (Jahia 4.0 branch). You may even test this feature in a nightly build (available here: http://cvspub.jahia.org/nightly-build/latest/ ), so if you want to backport it, feel free (or if you want to use direclty the nightly build ion your site we of course can not forbid that, but then take care that it will be up to you to support it as it is just a nightly development build). Else please just wait for the official Jahia 4.0.5 release (you can monitor the progress of this release on a daily basis in JIRA: http://www.jahia.org/jira ).
Cheers, St�phane
At 11:19 28/10/2004, you wrote:
Hello,
I found strange behaviour in Jahia 4.0.4 release. I could swear that it was possible to login, click on a jahia page and then close the browser via "X" or "close" (that all without actually logging off via the jahia menu button). When opening another browser window and inserting the jahia sites address, the user was still logged on. ... But now, this feature is gone. When the user closes the browser and opens another browser session, the login is gone and he has to authenticate another time.
Any ideas why this changed? It's really strange. Especially considering that I was really shocked to read that cookie authentification isn't in 4.0.4 release anyway... How could this ever worked???
Since the cookie based authentification from Schellenberg&Wittner is in CVS since June 2004, maybe anyone backported the necessary changes to the code to Jahia 4.0.4 release? Or are there any plans Jahia team to do this?
If there's no patch of any sort, maybe the Jahia Team could provide a bit more info what they changed to achieve cookie authentification so our team can try to backport it and release a patch.
I think this feature is really critical to a mature portal server. No offense to the developers of Jahia, but cookies are standard for any intranet server / portal server since like 200 BC!
