|
|
|
|
|
|
|
|
|
|
|
|
|
|
WEB SITE MANAGEMENT
Keeping user credentials in a frameset
By Chris Stoner a.k.a. GreenJellybean
It's often very helpful to know what's going on "under the covers." The way each Web browser handles the pages our sites serve up is important to understand, because the user experience is really based upon what they actually see, not what we intended for them to see. For example, I frequently encounter questions from people having difficulty with user credentials. Therefore, I thought I'd address the issue once and for all in this article.
We have a situation here
I came across a scenario recently where I allowed anonymous users to browse my Web site and only have to login if they really wanted to do something interactive. However, once logged in, many users were still not seeing any changes to the site. I had special buttons that should've been displayed, but they weren't.
After some testing, I found that the users' Web browsers would cache pages with anonymous access and often not pass the user credentials to the server. This meant that even after successfully logging into the site, they would still see only what anonymous users see, instead of what would normally be displayed for authenticated users.
A little testing goes a long way
Here's how the whole thing went down. It came about that a few users would log into the site and expect to see the action buttons that only authenticated users should see. My first thought was that the browser was caching the page, so I put a META Tag (<META HTTP-EQUIV="expires" CONTENT="0">) in the Header. My hope was the tag would force the browser to go back to the server each time this page was accessed. While that little tag is often a lifesaver, it didn't work in this case.
My frameset consisted of two frames, with a thin left frame containing some View links and some basic actions (Login, Email, Webmaster, etc.). The right frame was where the Views and Documents would load. It was very simple and straightforward, so why wasn't it working?
The first thing to figure out was whether or not the user had really logged in. I put a ComputedForDisplay field in the left frame that would show the current username. Then I copied that field and pasted it into the $$ViewTemplateDefault. I was amazed to see that it came up "anonymous" in the right frame, but with my login name, "Chris Stoner," in the left frame!
Caching those credentials
Perplexed by this behavior, I tried, after much trial and error, launching the View in a separate window and appending "&login" to the URL. Voila! The new field correctly calculated "Chris Stoner." It seemed that I needed to authenticate in each frame in order to override the cached anonymous credentials that the frame was, by default, serving up.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
Find unused Lotus Notes groups and clean up your address book
Have you ever wanted to get rid of old Lotus Notes groups that were cluttering up your address book, but you weren't sure if they were used? Find Unused Groups can help.
Find Unused Groups will check your ACL, mail, multi purpose and server groups to help you determine if they are used, and who uses them.
Learn how to easily clean up your address book. |
-- Advertisement --
Mark your calendar for in-depth Lotus training, May 12-14, Boston
Join experts and peers May 12-14 in Boston for educational and networking events that deliver real-world Lotus training so you can increase productivity and efficiency in your company, advance your skills, and squeeze the most from your current environment. One registration gets you into THE VIEW's Admin2010 and Lotus Developer2010.
Register by April 10 to save $200. |
|
|
|
|
|
|
|
|
|
|
