On Thu, 24 Feb 2000, K.V. Chandrinos wrote:
> [...]
> The problem I need to solve:
>
> A web based information system with registered users is to be monitored
> for user-modelling purposes. The nature of the service (financial news)
> allows for inactive browsing. The information complexity might require the
> user to open a second instance of the browser. The user-modelling team is
> NOT satisfied with session time-out solutions because the user might have
> stranded 25 of the 30 mins time-out limit to other sites (they have to
> live with the fact that he/she might be for coffee).
> [...]
> I have also been looking into 'invisible' applets, to utilise their
> destroy() method for talking back to the servlet and this seems quite more
> reasonable, because an instance 'registry' can be kept at the server for
> each user. If this drops to zero, the user is out. The question is, is
> this reliable? Has anybody tried it in a real project? Are there any other
> more robust, more elegant or more correct solutions that I am missing?
I believe you will find that it is near impossible to reliably track the
URL being viewed in multiple browser instances. The applet registry
design you speak of may get you close, but what happens if the user:
- has java turned off, or has an older non-java browser
- user's internet connection is disconnected for some reason
Regardless of the applet registry, you will need Session timeouts for
the above reasons. Given the stateless nature of HTTP, and the great
variation in browsers, connection reliability..., all sites that I know
of that have secure data use a simple Session timeout mechanism (etrade,
amazon...). I strongly suggest that you advise the user-modelling team
of the technical capabilities and options they have - tracking the URL
in each instance of a user's browser and being notified when it changes
is "not an option".
--
Padraic Renaghan /pad-rik ren-a-han/
<[EMAIL PROTECTED]> http://renaghan.com/pcr/
bookmarker - web based bookmark management GPL software
phpop - web based POP mail reader GPL software
clicked and the read - ezine
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
