Admin Timeout

Post Reply

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
CMason Members Profile Find Members Posts Newbie Joined: 27 October 2006 Status: Offline Points: 3	Post Options Post Reply Quote CMason Report Post Thanks(0) Quote Reply Topic: Admin Timeout Posted: 27 October 2006 at 3:11am
	I'm getting a bit frustrated with the Admin login. When a session expires what I see is something about "you don't have permissions to access this". I expect that it would be like most applications where it would redirect me to the login and after the login successfully posts I'd be redirected back to the page I was last accessing. Instead I have click on Admin and relogin and then "remember" where I was and what information I was entering and then reenter it. I haven't met an application that forces me into that type of login process in a long time. Is this because I'm demoing this with a localhost setup? Is this how the paid for version acts?

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 27 October 2006 at 11:51am
	If you are talking about the actual admin section, then yes the login for that part is extra secure because if not and a hacker gains access to it they can not only delete your entire forum, but also delete of deface your entire web site. The session time for the admin section login is 20 minutes after your last activity, or if you hit the logout button then it will be finished sooner. This 20 minute session, after last activity, should be long enough for most people, if you are getting logged out sooner than this then it suggests an issue on the server with the servers application pool dropping application variables. If you are unable to fix the server issue you can edit the file functions/functions_Session_data.asp and use the instructions in that file to enable the forum to use the database to store session data in, instead of the web servers memory.
	Web Wiz Forums Hosting ASP.NET Web Hosting

CMason Members Profile Find Members Posts Newbie Joined: 27 October 2006 Status: Offline Points: 3	Post Options Post Reply Quote CMason Report Post Thanks(0) Quote Reply Posted: 27 October 2006 at 1:26pm
	I don't have a problem with it timing out or the extra secure login, my problem is that a timeout doesn't redirect to to a login page which, if successful, then redirects back to the initial page.

WebWiz-Bruce Members Profile Find Members Posts Admin Group Web Wiz Developer Joined: 03 September 2001 Location: Bournemouth Status: Offline Points: 9844	Post Options Post Reply Quote WebWiz-Bruce Report Post Thanks(0) Quote Reply Posted: 27 October 2006 at 2:15pm
	You are right a failed login, which includes a time-out which is the server would see the same as an attempted login will take you to a insufficient permissions page, this is done to make it more difficult for hackers.
	Web Wiz Forums Hosting ASP.NET Web Hosting

CMason Members Profile Find Members Posts Newbie Joined: 27 October 2006 Status: Offline Points: 3	Post Options Post Reply Quote CMason Report Post Thanks(0) Quote Reply Posted: 27 October 2006 at 2:24pm
	Since the admin has another secure entry to make, I think you may have unnecessarily inhibited usability in the interests of security.

Post Reply

Forum Jump

Forum Permissions View Drop Down

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot delete your posts in this forum
You cannot edit your posts in this forum
You cannot create polls in this forum
You cannot vote in polls in this forum