[Catalyst] Session timeout and re-Authentication from a Frame

Steve H s_t_e_v_e_h at hotmail.com
Tue May 15 11:06:01 GMT 2007 

> >
> > A couple of Login/authentication questions:
> >
> > As expected, when using frames, when a session times out and displays 
>the
> > Login page, it does so in the frame that is the target for that request.
> > Is there any easy trick to be able to get that Login screen to use 
>'_top'
> > as the target? perhaps an intermediary Login response page that can set 
>the
> > target then request the proper Login page... although I'd have to play
> > around to make such a thing work, and was wondering is anyone else 
>already
> > had a solution/code I could leverage?
>
>window.parent.location =

Given the response already has it's target window, the Login screen will 
just get rendered there.  I was thinking of a solution that maybe writes an 
intermediary response page that onLoad() sets the location and target to 
_TOP then calls the real Login page.
In asking the mailing list, I was wondering whether anyone else has already 
covered that ground rather all of us busting out new stuff.

As an evolution to the Authentication mechanism, I was wondering whether 
anyone had broached

>
>maybe? I stopped using frames a long time ago :)

The use of Frames in this situation seemed to have merit.  Its a Shopping 
Cart component... that has a JavaScript-driven expandable menu with quite a 
few hundred possible nodes.  I wanted to avoid the latency dealing with the 
menu every time the consumer expanded/collapsed a node... or viewed the 
asssociated products.  Still, any other thoughts on that sort of thing would 
also be welcome.

>

As an evolution to the Authentication mechanism, I was wondering whether 
anyone had tackled the below.


> > On a further note, with re-authentication after session timeout, it'd be
> > good to be able to 'park' the original request while the 
>re-authentication
> > occurs, then continue to process it. Assume in this context that all 
>state
> > would be persisted against the User (as opposed to the session-id).
> > ...maybe a response that then pops a temporary window to re-authenticate 
>in
> > - thus helping to preserve the underlying targets for the parked then
> > subsequently executed request.  Any ideas or code that can be leveraged?
>

_________________________________________________________________
Advertisement: Senior Management roles paying $80k+ Search now at 
www.seek.com.au 
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Eexecutive%2Eseek%2Ecom%2Eau%2F%3Ftracking%3Dsk%3Ahet%3Ase%3Anine%3A0%3Ahot%3Atext&_t=763838044&_r=seek_may07_snrmanagement&_m=EXT

More information about the Catalyst mailing list