From: Antony Scriven on 9 Apr 2010 12:27
On Apr 9, 2:28 pm, Scott Sauyet wrote:

> [...]
> I doubt it's a matter of server resources. [...]

I know, but that's what the OP said.

> In a lot of systems I've worked on (although I've never
> designed this part of the system) a user is allowed only
> one logged-in session on the server.

Sean said it was for single sign-on which isn't the same
thing. But apparently he pretty much agrees with your
description; thanks for taking the time to explain it
clearly.

> If the user forgets to log off, she cannot get back on
> until that session expires. But the session timeout is
> set to expire after, say, thirty minutes of inactivity so
> that users working on the system are not being booted too
> frequently because of distractions at their desks. This
> works fine as long as users log off before leaving. But
> if they close the browser or in some other way sever the
> connection with the session, things fall apart: they have
> to wait up to thirty minutes to log back on. In an
> environment when this application is much of the main
> responsibility of that user, thirty unproductive minutes
> is unacceptable.
>
> [...]

If the goal is simply to have one open session, then close
the original session if the user needs to log in again
before it has expired. You can give the user the option to
terminate the first session or cancel the second log in.
This is also a good time to allow a user to report any
fraudulent activity. And a message about misuse at this
point is a good way to discourage password sharing, for
example.

--Antony
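
Added example, not part of the thread: a Node.js sketch of the approach described in the post above, where a second login while a session is still live gets the choice to terminate the first session or cancel, and a takeover is recorded together with an optional fraud report. The class name `SingleSessionStore`, its methods and the in-memory audit list are assumptions for illustration; the thirty-minute idle timeout is the figure quoted in the post.

```javascript
const { randomBytes } = require('node:crypto');

const IDLE_TIMEOUT_MS = 30 * 60 * 1000; // thirty minutes of inactivity

// Hypothetical in-memory store: at most one live session per user.
class SingleSessionStore {
  constructor(now = () => Date.now()) {
    this.now = now;           // injectable clock so expiry can be exercised
    this.byUser = new Map();  // userId -> { id, lastSeen }
    this.audit = [];          // constructed audit trail of takeovers
  }

  // Return the user's session if it has not idled out, else drop it.
  _live(userId) {
    const s = this.byUser.get(userId);
    if (s && this.now() - s.lastSeen >= IDLE_TIMEOUT_MS) {
      this.byUser.delete(userId);
      return undefined;
    }
    return s;
  }

  // Call only after the credentials have been verified.
  // onConflict is the user's answer: 'terminate', 'cancel', or not yet asked.
  login(userId, onConflict = 'ask', reportFraud = false) {
    const existing = this._live(userId);
    if (existing) {
      if (onConflict === 'cancel') return { status: 'cancelled' };
      if (onConflict !== 'terminate') {
        // Show the user when the other session was last active and let them choose.
        return { status: 'conflict', lastSeen: existing.lastSeen };
      }
      this.audit.push({ userId, event: 'session_replaced', reportFraud, at: this.now() });
    }
    const session = { id: randomBytes(32).toString('hex'), lastSeen: this.now() };
    this.byUser.set(userId, session); // overwriting invalidates the old id
    return { status: 'ok', sessionId: session.id };
  }

  // Per-request check: only the user's current session id is accepted.
  touch(userId, sessionId) {
    const s = this._live(userId);
    if (!s || s.id !== sessionId) return false;
    s.lastSeen = this.now();
    return true;
  }
}
```

The holder of the replaced session is rejected on their next request, which is the point at which a message about misuse can be shown.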
From: Jorge on 9 Apr 2010 12:36
On Apr 9, 6:27 pm, Antony Scriven <adscri...(a)gmail.com> wrote:

>
> If the goal is simply to have one open session, then close
> the original session if the user needs to log in again
> before it has expired. You can give the user the option to
> terminate the first session or cancel the second log in.
> This is also a good time to allow a user to report any
> fraudulent activity. And a message about misuse at this
> point is a good way to discourage password sharing, for
> example. --Antony

That's true. And I'm going to borrow the idea.
--
Jorge.