Session Not Ending

[MacaroniDuck]

I've constructed a site using IWP in which the status bar is hidden and locked. I've added a "logout" button for the users with the "Exit Application" step attached. Unfortunately, it's not working. It appears to log them out and sends them back to the home page. However, when clicking the link to re-enter the application, it logs them in automatically. I'm guessing this has to do with the browsers caching the username/password. It's not really practical to get the users to flush their cache each time (or even close their web browser). Is there some other way around this?

Note that I get the same results with both IE and Netscape.

[MacaroniDuck]

I should add that when I 'unhid' the status bar and used the built-in "logout" button, I still had the same result (i.e. the user wasn't really logged out)

Note that setting the timeout down to a low amount like "1 minute" isn't a viable solution.

[mogabog]

I am having the same problem. If someone has a solution I would love to hear it.

Short answer is no. Because the browser stores the login and pass if stays there until the browser is closed. Internet explorer 6 (after Service Pack 2) supports a javascript function (ClearWebAuthentication or something) that will essentiall log folks out, but it won't work on Mozilla, Safari, or older IE.

So with other browsers you can send them into a dummy directory with a dummy (but vaild) password and login in the URL - like http://logout:[email protected]/logout/ and that will replace the browser password cache for your site. Problem is Firefox will ask you if you want to log in. And i'm not sure IE 6 even before SP2 supports it. It was a great solution in 1998, but not now.

There is no easy way to purge the login cache without browser checks, etc - and even then it is not foolproof.

And since you are using IWP - well I'd guess you are totally up the creek.

Hope someone can prove me wrong.

I'm trying to do the same thing on a CDML based site, but I need better ideas :-)

-A

[laker_42]

I believe it is a built-in "feature". It allows users to access multiple databases without having to log into each one. I know a lot of my users appreciate it.

John

[MacaroniDuck]

Well, I can certainly see how it would be useful in certain situations. However, since Filemaker makes a big deal about it in their documentation, I wouldn't file this under "undocumented feature", but rather full-fledged bug. I realize that they can't control how browsers are built, but since they make such a big deal about security and being sure that users are logged off, they could have a) come up with a solution or : Emphatically stated that none of this will work without closing the browser.

*shrug* Thankfully I almost never use IWP. This is a quick project for a client on a very small budget.

[Reed]

I don't know how to make the password clear out of the browser without having the user quit, but I do know how not to have the user return to the IWP home page. Just locate the iwp_home.html file, and replace it with a page that simply tells the user to quit their browser. I have mine set up with a simple redirect that shoots the user back to my homepage. I was hoping that there was a method using javascript or something like that to quit a browser, but I've not been able to find it.

[FMWebschool]

Try this I got it to work with JavaScript on IE

<html>

<body>

<input type=button value="Close This Window" onclick="window.opener = top; window.close();">

<body>

</html>

In Kindness

Stephen K Knight

http://www.fmwebschool.com

[Hardy Machia]

I found another thread about this topic here: http://www.maclane.com/ubbthreads/showflat.php?Cat=0&Number=45117&an=0&page=0

FileMaker's response to this bug is unbelievable by blaming it on the web browser. Every other system on the internet that millions of people use each day when the user clicks the Logout button, it logs them out. (This forum, yahoo groups, hotmail,... you name it, Logout logs you out.)

The sample someone posted about get the javascript to close the window doesn't seem to work in Safari on the Mac if you are using tabs. I'm might try the trick of opening a dummy database to see if that resets the login session.

Hardy

[Hardy Machia]

I found another thread about this topic here: http://www.maclane.com/ubbthreads/showflat.php?Cat=0&Number=45117&an=0&page=0

FileMaker's response to this bug is unbelievable by blaming it on the web browser. Every other system on the internet that millions of people use each day when the user clicks the Logout button, it logs them out. (This forum, yahoo groups, hotmail,... you name it, Logout logs you out.)

The sample someone posted about get the javascript to close the window doesn't seem to work in Safari on the Mac if you are using tabs. I'm might try the trick of opening a dummy database to see if that resets the login session.

Hardy

[Hardy Machia]

I found another thread about this topic here: http://www.maclane.com/ubbthreads/showflat.php?Cat=0&Number=45117&an=0&page=0

FileMaker's response to this bug is unbelievable by blaming it on the web browser. Every other system on the internet that millions of people use each day when the user clicks the Logout button, it logs them out. (This forum, yahoo groups, hotmail,... you name it, Logout logs you out.)

The sample someone posted about get the javascript to close the window doesn't seem to work in Safari on the Mac if you are using tabs. I'm might try the trick of opening a dummy database to see if that resets the login session.

Hardy

[kodama]

Is there an FMP URL tag you can pass like the startsession, but one that kills it maybe?

I'm getting unknown error 13 after a user starts a session and quits the browser & comes back, they can't get back in until their session times out.

[kodama]

Is there an FMP URL tag you can pass like the startsession, but one that kills it maybe?

I'm getting unknown error 13 after a user starts a session and quits the browser & comes back, they can't get back in until their session times out.

[kodama]

Is there an FMP URL tag you can pass like the startsession, but one that kills it maybe?

I'm getting unknown error 13 after a user starts a session and quits the browser & comes back, they can't get back in until their session times out.