|
|
|
|
|
|
|
|
|
|
WEB SITE MANAGEMENT
Keeping user credentials in a frameset
By Chris Stoner a.k.a. GreenJellybean
It's often very helpful to know what's going on "under the covers." The way each Web browser handles the pages our sites serve up is important to understand, because the user experience is really based upon what they actually see, not what we intended for them to see. For example, I frequently encounter questions from people having difficulty with user credentials. Therefore, I thought I'd address the issue once and for all in this article.
We have a situation here
I came across a scenario recently where I allowed anonymous users to browse my Web site and only have to login if they really wanted to do something interactive. However, once logged in, many users were still not seeing any changes to the site. I had special buttons that should've been displayed, but they weren't.
After some testing, I found that the users' Web browsers would cache pages with anonymous access and often not pass the user credentials to the server. This meant that even after successfully logging into the site, they would still see only what anonymous users see, instead of what would normally be displayed for authenticated users.
A little testing goes a long way
Here's how the whole thing went down. It came about that a few users would log into the site and expect to see the action buttons that only authenticated users should see. My first thought was that the browser was caching the page, so I put a META Tag (<META HTTP-EQUIV="expires" CONTENT="0">) in the Header. My hope was the tag would force the browser to go back to the server each time this page was accessed. While that little tag is often a lifesaver, it didn't work in this case.
My frameset consisted of two frames, with a thin left frame containing some View links and some basic actions (Login, Email, Webmaster, etc.). The right frame was where the Views and Documents would load. It was very simple and straightforward, so why wasn't it working?
The first thing to figure out was whether or not the user had really logged in. I put a ComputedForDisplay field in the left frame that would show the current username. Then I copied that field and pasted it into the $$ViewTemplateDefault. I was amazed to see that it came up "anonymous" in the right frame, but with my login name, "Chris Stoner," in the left frame!
Caching those credentials
Perplexed by this behavior, I tried, after much trial and error, launching the View in a separate window and appending "&login" to the URL. Voila! The new field correctly calculated "Chris Stoner." It seemed that I needed to authenticate in each frame in order to override the cached anonymous credentials that the frame was, by default, serving up.
[ Next ]
|
|
|
|
|
|
-- Advertisement --
AUTOMATE LOTUS NOTES USER ID MANAGEMENT
ID Manager 4.5 from HELP Software provides a new level of automaton for managing Lotus Notes IDs. ID Manager lets Lotus Notes administrators get out of the business of creating and managing user IDs. Use our ROI calculator to see how quickly ID Manager will pay for itself.
Learn more about HELP Software products |
-- Advertisement --
DEPARTMENT CALENDAR - MANAGE AND SHARE A COMMON CALENDAR WITH YOUR TEAMS
Are you responsible for improving your organization's Group Calendaring tool? Have you been tasked to find a true group calendar tool with Itinerary, Time-Off, Sign In/Out and Bulletins/Events module that seamlessly integrates with Domino calendaring?
If so, Logic Springs Technologies will make answering these questions a whole lot easier!
Learn how by visiting us at www.departmentcalendar.com |
|
|
|
|
|
|
|
|
