Doing some testing – it looks like if you login, use the app, close the browser tab.
Then, open a new tab and go to the site’s URL – it automatically brings up the app and bypasses the login page.
I can see this as being an issue on a machine that is shared by multiple users. Or, even worse – when an unauthorized user navigates to the site on a machine where the previous user just closed the tab page.
Is there any way to at least have the login page come back up ? I don’t mind the session hanging around for a while, that’s a good thing if they lost connection i guess.
Session cookies are deleted when the browser is closed. Closing a tab is the same hitting refresh for the browser. There is no type of cookie that is removed when closing a browser tab. This same behavior is present with ASP.NET/MVC when using the ASP.NET session.
With Wisej you can change it in two ways:
<script>
window.onunload = function () {
document.cookie = “Wisej.SessionId=;”;
}
</script>
The downside is that a simple refresh will also delete the cookie and create a new session. Adding an argument to the URL will also be perceived by the brower as a tab being closed so the session will be lost as well with the code above.
Wisej will add the session id to the URL and ignore the cookie. A refresh will preserve the session. Closing the tab will lose it.
Please login first to submit.
