Good point John, Wouldn't be the first time that ever happened :-P
-----Original Message----- From: John McGowan <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: Wed, 18 Feb 2004 15:46:55 -0600 Subject: Re: Witango-Talk: Secured User Access > could the user be seeing a cached version of the home page or something > showing them the login form? > > Scott Cadillac wrote: > > >Hi Stephen, > > > >Are your frame SRCs all pointing at the same domain they logged into? > >Remember https://domain.com != https://www.domain.com > > > >Also try removing the <@USERREFERENCEARGUMENT> > > > >I can't help but wonder what else is going on with your frame (or > >related) code (HTML/JavaScript). What you are describing is fairly > >standard stuff, and shouldn't be a problem. > > > >What logic are you using that determines when a user should be "thrown > >back to the login screen" ? > > > >Let us know, when you have a moment. Cheers... > > > > > > > >-----Original Message----- > >From: Stephen Su <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Date: Wed, 18 Feb 2004 15:32:12 -0500 > >Subject: Re: Witango-Talk: Secured User Access > > > > > > > >>Scott, > >> > >>Thank you for your help and advice. I wasn't purposefully vague but > >>rather my situation is somewhat alluding me right now. > >> > >>In short, we have tested multiple versions of the login taf in which > we > >> > >>did everything from separation of the taf itself into various > >>components all the way to substituting the frame-set with a single > page > >> > >>taf. The user seems get validated just fine, because we register and > >>update their "last visited on" profile. But the frameset page comes > >>right after and that's when they are thrown back to the login screen. > > >>The only way we are able to avoid this is by substituting with a > >>non-frame-set page. In each of the "src URL(s)" we do have the > >>UserReferenceArgument variable passed. > >> > >>I hope that's more clear than before. Please let me know if you need > to > >> > >>know more. > >> > >>Best, > >>Stephen > >> > >> > >> > >>On Feb 18, 2004, at 12:48 PM, Scott Cadillac wrote: > >> > >> > >> > >>>Hi Stephen, > >>> > >>>Please describe in detail what you mean by "but then are kicked back > >>>out > >>>of the site". This is kind of a vague description of the problem, > >>> > >>> > >>which > >> > >> > >>>will likely lead to some vague answers. > >>> > >>>Here's me vague answer: > >>> > >>>A trend I'm noticing lately with Home computers over Office ones, is > >>>the > >>>rapid adoption of Popup and Cookie blocking add-ons for browsers. > And > >>> > >>> > >> > >> > >> > >>>of > >>>course, people don't know how to properly set them. > >>> > >>>For the most part, by default these add-ons compensate for "session- > >>>cookies" so they don't break Sessions necessarily - but if your code > >>>relies on any other kind of cookies, then you're users are in > >>> > >>> > >>trouble. > >> > >> > >>>I say this, because I notice Office computer "policies" are slower > to > >>>adopt (or allow install) these kinds of downloadable "free" add-ons. > >>> > >>>Lately I've taken to using some of these add-ons myself to make sure > >>> > >>> > >>my > >> > >> > >>>systems keep working. And I noticed two things: > >>> > >>>~~ Never rely on standard cookies (session-ccokies are still fine). > >>> > >>>~~ Popup window killers are not very smart, and sometimes can't tell > >>>the > >>>difference between a user-invoked "window.open" and an event- > >>>invoked "window.open" call. > >>> > >>>Hope this helps. Cheers.... > >>> > >>>Scott Cadillac, > >>>403-281-6090 ~ [EMAIL PROTECTED] > >>>------------ > >>>XML-Extranet ~ http://xmlx.ca ~ http://forums.xmlx.ca > >>>Well-formed Programming in C# .NET, Witango, MSIE and XML > >>>------------ > >>>Witango ~ http://witango.org > >>>EasyXSLT ~ http://easyxslt.ca > >>>IIS Watcher ~ http://iiswatcher.ca > >>>------------ > >>> > >>> > >>>-----Original Message----- > >>>From: Stephen Su <[EMAIL PROTECTED]> > >>>To: [EMAIL PROTECTED] > >>>Date: Wed, 18 Feb 2004 09:10:32 -0500 > >>>Subject: Witango-Talk: Secured User Access > >>> > >>> > >>> > >>>>We have a site completely built on witango that is accessed via. > the > >>>>"https" gateway. It is built around multiple frames. When people > try > >>>> > >>>> > >> > >> > >> > >>>>to > >>>>login, they seem to make it into our validation process, but then > >>>> > >>>> > >>are > >> > >> > >>>>kicked back out of the site. This happens only on windows machines > >>>> > >>>> > >>and > >> > >> > >>>>mostly on XP. No clients have problem from their office computers, > >>>>most > >>>>occurrences only happen at home. Is there a security setting in XP > >>>> > >>>> > >>or > >> > >> > >>>>any of the windows systems that's causing this? Any other common > >>>>experiences? > >>>> > >>>>Please advise, > >>>>Stephen > >>>> > >>>> > >>>> > >>>> > >>_____________________________________________________________________ > _ > >> > >> > >>>>_ > >>>>_ > >>>>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > >>>> > >>>> > >>> > >>> > >>_____________________________________________________________________ > __ > >> > >> > >>>_ > >>>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > >>> > >>> > >>_____________________________________________________________________ > __ > >>_ > >>TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > >> > >> > > > >______________________________________________________________________ > __ > >TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf > > > > > > > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
