[Catalyst] Check session expiry without extending it

Steve Kleiman steve at prodhub.com
Wed Mar 3 22:57:17 GMT 2010


Hey John. Thanks for the feedback.

Yeah, it seems simple, but accommodating multiple windows is where I have problems. That's why I figured the way out was to poll the server every 3-5 minutes of idle time to see if user had been logged out.

Which brings me back to the original conundrum...asking the server, "Is your session expired yet?"

-s


On Mar 3, 2010, at 10:51 AM, John Karr wrote:

> The more I think about this, the more problems I see with my idea, you need to either restrict your users to one browser window (possibly with a secondary page key of some sort) or have the refresh bounce to an alternate uri that refreshes the page without updating the server's session timer.
> 
>>>>>>>>>>>>>>>>>>>>> 
> 
> Never mind, that's too simple. It breaks if users open up multiple pages unless you increase the refresh to just over twice the timeout, which may be an issue since presumably you don't want your user's expired sessions hanging around in their browser. 
> 
> Even simpler put a refresh tag in the page with a refresh a little over the session timeout value, then the site's handler for expired sessions can do the rest.
> 
> -----Original Message-----
> From: Alexander Hartmaier [mailto:alexander.hartmaier at t-systems.at] 
> Sent: Wednesday, March 03, 2010 10:03 AM
> To: The elegant MVC web framework
> Subject: Re: [Catalyst] Check session expiry without extending it
> 
> Why not return the datetime when the session expires with every page and
> have a client-side js that does the redirect without hammering the
> server?
> 
> --
> Best regards, Alex
> 
> 
> Am Dienstag, den 02.03.2010, 21:43 +0100 schrieb Steve Kleiman:
>> Using Catalyst::Plugin::Session with Session::State::Cookie.
>> 
>> Would like to be able to poll server if the user's session has expired WITHOUT extending the session itself.
>> 
>> The objective is to have a javascript periodical executor check if a session is expired and redirect user to a "Your session has expired" page if appropriate. Could do it in javascript but would prefer doing it on server.
>> 
>> Anyone tried this?
>> 
>> Thanks in advance.
>> 
>> -Steve Kleiman
>> _______________________________________________
>> List: Catalyst at lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>> Dev site: http://dev.catalyst.perl.org/
> 
> 
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> T-Systems Austria GesmbH   Rennweg 97-99, 1030 Wien
> Handelsgericht Wien, FN 79340b
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> Notice: This e-mail contains information that is confidential and may be privileged.
> If you are not the intended recipient, please notify the sender and then
> delete this e-mail immediately.
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
> 
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/




More information about the Catalyst mailing list