Hi Stephen, Are your frame SRCs all pointing at the same domain they logged into? Remember https://domain.com != https://www.domain.com
Also try removing the <@USERREFERENCEARGUMENT> I can't help but wonder what else is going on with your frame (or related) code (HTML/JavaScript). What you are describing is fairly standard stuff, and shouldn't be a problem. What logic are you using that determines when a user should be "thrown back to the login screen" ? Let us know, when you have a moment. Cheers... -----Original Message----- From: Stephen Su <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Wed, 18 Feb 2004 15:32:12 -0500 Subject: Re: Witango-Talk: Secured User Access > Scott, > > Thank you for your help and advice. I wasn't purposefully vague but > rather my situation is somewhat alluding me right now. > > In short, we have tested multiple versions of the login taf in which we > > did everything from separation of the taf itself into various > components all the way to substituting the frame-set with a single page > > taf. The user seems get validated just fine, because we register and > update their "last visited on" profile. But the frameset page comes > right after and that's when they are thrown back to the login screen. > The only way we are able to avoid this is by substituting with a > non-frame-set page. In each of the "src URL(s)" we do have the > UserReferenceArgument variable passed. > > I hope that's more clear than before. Please let me know if you need to > > know more. > > Best, > Stephen > > > > On Feb 18, 2004, at 12:48 PM, Scott Cadillac wrote: > > > Hi Stephen, > > > > Please describe in detail what you mean by "but then are kicked back > > out > > of the site". This is kind of a vague description of the problem, > which > > will likely lead to some vague answers. > > > > Here's me vague answer: > > > > A trend I'm noticing lately with Home computers over Office ones, is > > the > > rapid adoption of Popup and Cookie blocking add-ons for browsers. And > > > of > > course, people don't know how to properly set them. > > > > For the most part, by default these add-ons compensate for "session- > > cookies" so they don't break Sessions necessarily - but if your code > > relies on any other kind of cookies, then you're users are in > trouble. > > > > I say this, because I notice Office computer "policies" are slower to > > adopt (or allow install) these kinds of downloadable "free" add-ons. > > > > Lately I've taken to using some of these add-ons myself to make sure > my > > systems keep working. And I noticed two things: > > > > ~~ Never rely on standard cookies (session-ccokies are still fine). > > > > ~~ Popup window killers are not very smart, and sometimes can't tell > > the > > difference between a user-invoked "window.open" and an event- > > invoked "window.open" call. > > > > Hope this helps. Cheers.... > > > > Scott Cadillac, > > 403-281-6090 ~ [EMAIL PROTECTED] > > ------------ > > XML-Extranet ~ http://xmlx.ca ~ http://forums.xmlx.ca > > Well-formed Programming in C# .NET, Witango, MSIE and XML > > ------------ > > Witango ~ http://witango.org > > EasyXSLT ~ http://easyxslt.ca > > IIS Watcher ~ http://iiswatcher.ca > > ------------ > > > > > > -----Original Message----- > > From: Stephen Su <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Date: Wed, 18 Feb 2004 09:10:32 -0500 > > Subject: Witango-Talk: Secured User Access > > > >> We have a site completely built on witango that is accessed via. the > >> "https" gateway. It is built around multiple frames. When people try > > >> to > >> login, they seem to make it into our validation process, but then > are > >> kicked back out of the site. This happens only on windows machines > and > >> mostly on XP. No clients have problem from their office computers, > >> most > >> occurrences only happen at home. Is there a security setting in XP > or > >> any of the windows systems that's causing this? Any other common > >> experiences? > >> > >> Please advise, > >> Stephen > >> > >> > ______________________________________________________________________ > >> _ > >> _ > >> TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > > > > _______________________________________________________________________ > > _ > > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
