Scott,
Thanks, that would work great. Think I could impose on you for a couple of
small snippets of code on the time out thing, and secondly, you said that
Hal wrote an article on the Returnfuseaction stuff. Do you know where that
is posted so that I can read it? Thanks again.
Bill
> -----Original Message-----
> From: Scott Knaub [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 09, 2000 2:05 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: application security and returnfuseaction
>
>
> We are in a load-balanced environment and are using Client variables in a
> centralized database for session management.
>
> 1. The solution I built for a similar situation is to have a
> Client variable
> that stores a timestamp of the last time a person did something in the
> secure area of the site.
>
> When a person logs in I set my variable Client.Expires to the
> current system
> time plus 30 minutes. Each time the person tries to do something on the
> secure area of the site I validate the fact that they are logged in by
> checking my variable Client.LoggedIn. If they are logged in, I compare my
> variable Client.Expires against the current system time to see if
> they have
> done something in the secure area of the site within the last thirty
> minutes. If they have done something in the last thirty minutes, I update
> Client.Expires to the current system time plus 30 minutes and let them
> continue.
>
> If they haven't done something in the secure area of the site in
> the last 30
> minutes, I set the Client.LoggedIn variable to False and redirect them to
> the login page.
>
> 2. I track a return fuseaction throughout the Web site so I know
> which menu
> to send them back to. We have 5 menu choices on our home page.
> When a person
> chooses a menu page, I append "RFA=(return menu name)" to the URL for each
> menu item on that page. Then I just keep passing that RFA around
> on the URL
> or as a hidden form variable. At the bottom of the pages
> referenced from the
> menu I have a link back to the menu page by using:
>
> <CFOUTPUT>To return to the menu, <A
> HREF="../index.cfm?action=#Attributes.RFA#&#URLTOKEN#">click
> here</A>.</CFOUTPUT>
>
> This way I can reuse templates but always give the person a link
> back to the
> menu from which they started.
>
> Thanks to Hal Helms for writing the CF Developer's Journal
> articles relating
> to return fuseactions!
>
> Scott
>
>
>
>
> -----Original Message-----
> From: Bill Killillay [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, August 09, 2000 10:33 AM
> To: [EMAIL PROTECTED]
> Subject: application security and returnfuseaction
>
>
> Hello,
>
> I have two questions that kind of relate to each other.
> 1. I have a secure area of an application that I am building and in that
> area, I want to include a little security check to make sure that the user
> is logged in. I am finding that if I do a check for a Client.whatever
> variable though that it's not timing out. I wanted to set the
> time out for
> 15 minutes for testing. This is just a little action file
> (act_checklogin.cfm) in it, it just checks to make sure (right now) that a
> session variable has not timed out, if it has, it redirects to the login
> page where it gives a nice message telling them that it's timed out.
>
> 2. I want to use the returnfuseaction to direct the user back to
> what ever
> page they where on after they log back in. However I am not to
> sure of what
> the syntax for this would look like.
>
> The whole application is done using Fusebox and I really don't want to use
> session variables as this site will probably down the road end up
> being in a
> clustered environment and will need to use client variables. What is the
> best way to get them to time out like I need them to in number one above?
>
> Thanks.
>
> Bill
>
> ------------------------------------------------------------------
> ----------
> --
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> ------------------------------------------------------------------
> ------------
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
