I think that the best idea about a strict Session management stays in the Sessiontimeout property.
I personally write my applications into a frameset where there is an Hidden frame that contains a document which is refreshing itself every 20 or 30 seconds (meta tag refresh).
I set up Sessiontimeout around 1 minute (or less if the application is highly security critical) and then I leave
the refresh do the job.
For security issues all the documents has a behavior that in case of onClose event will launch a session shut-down template that does the kill-session job.
I use this architecture only in the applicative part dedicated to those who do data-entry or db direct control, because, from the public point of view, few visualization queries are not critical as well as a remote dataentry may be.
s-)
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.