BUT ... userreference WAS received via cookie 'abc'
Bill
On Mar 14, 2008, at 5:46 PM, Ben Johansen wrote:
NO
in the manual
If no user reference number was received
(via the “_userReference” search argument or an HTTP cookie) when
the application file was called, a new number is generated;
otherwise, the
number passed in is returned.
so you clear the cookie and when you call a page without a
userreference arg it will gen a new one
On Mar 14, 2008, at 5:39 PM, William M Conlon wrote:
No, that would not be a NEW userreference, rather the same
userreference that was passed in by cookie.
Here's the flow;
userreference cookie 'abc' is passed to taf
@@user$id and @@user$somedata is known from user reference 'abc'
assign @@request$id == @@user$id
purge user scope variables
get new user refernence 'def'
assign user$id = @@request$id and user$somedata = user's new data
setcookie
Now on subsequent requests the cookie 'def' is used
Bill
William M. Conlon, P.E., Ph.D.
To the Point
2330 Bryant Street
Palo Alto, CA 94301
vox: 650.327.2175 (direct)
fax: 650.329.8335
mobile: 650.906.9929
e-mail: mailto:[EMAIL PROTECTED]
web: http://www.tothept.com
On Mar 14, 2008, at 5:30 PM, Ben Johansen wrote:
that would be
<@USERREFERENCE>
<@ASSIGN SCOPE="cookie" NAME="Witango_UserReference"
VALUE="<@USERREFERENCE>">.
On Mar 14, 2008, at 5:22 PM, William M Conlon wrote:
I want to tear down a user's session (purging all their
variables) and give the user a new session with new user
variables and a new userreference.
I'll need to <@ASSIGN SCOPE="cookie"
NAME="Witango_UserReference" VALUE="@@request$newUserReference">.
How do I generate @@request$newUserReference on the server so I
can set the cookie?
I would like the new UserReference to be generated by the
server, rather than by my own home-grown approach, so it isn't
subject to replay cracking attempts. For example if I just
generated a hash from things I new about the user, someone could
conceivably work out the algorithm and generate their own
userreference to hijack a session (admittedly unlikely).
I don't want to know how the server generates a new
userReference -- I just want to get one.
thanks.
Bill
William M. Conlon, P.E., Ph.D.
To the Point
2330 Bryant Street
Palo Alto, CA 94301
vox: 650.327.2175 (direct)
fax: 650.329.8335
mobile: 650.906.9929
e-mail: mailto:[EMAIL PROTECTED]
web: http://www.tothept.com
___________________________________________________________________
_____
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
____________________________________________________________________
____ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/
maillist.taf
_____________________________________________________________________
___
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
______________________________________________________________________
__ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
