$Web End Ses: Difference between revisions

From m204wiki
Jump to navigation Jump to search
mNo edit summary
(Automatically generated page update)
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{DISPLAYTITLE:$Web_End_Ses}}
{{DISPLAYTITLE:$Web_End_Ses}}
<span class="pageSubtitle"><section begin="desc" />Terminate a logical login session<section end="desc" /></span>
<span class="pageSubtitle">Terminate a logical login session</span>


$Web_End_Ses terminates a logical login session maintained via SSLSES or SESCOOKIE.
<var>$Web_End_Ses</var> terminates a logical login session maintained via SSLSES or SESCOOKIE.


$Web_End_Ses takes no arguments and returns a status code. It is a callable $function (see [[Calling_Sirius_Mods_$functions|"Calling Sirius Mods $functions"]]).
<var>$Web_End_Ses</var> takes no arguments and returns a status code. It is a [[Calling Sirius Mods $functions|callable]] $function.


==Syntax==
==Syntax==
<p class="syntax"><section begin="syntax" /><span class="term">%rc</span> = $Web_End_Ses
<p class="syntax"><span class="term">%rc</span> = $Web_End_Ses
<section end="syntax" /></p>
</p>


===Syntax terms===
===Syntax terms===
Line 30: Line 30:
<li>If the port definition indicates SSLSES or SESCOOKIE, <var class="product">[[Janus Web Server]]</var> will use SSL session information or session cookie information to do trusted logins for the session's userid. This has many benefits, including avoiding the vagaries of dealing with password changes in HTTP.  
<li>If the port definition indicates SSLSES or SESCOOKIE, <var class="product">[[Janus Web Server]]</var> will use SSL session information or session cookie information to do trusted logins for the session's userid. This has many benefits, including avoiding the vagaries of dealing with password changes in HTTP.  
<p>
<p>
There might be times, however, when it is desirable to force a user to re-enter a password before the session timeout, or even to allow the user to switch to a different userid. In such instances, $Web_End_Ses might be useful to terminate the logical session immediately. $WEB_END_SES, of and by itself, will not cause a password prompt to appear on the user's workstation. An application can force a login pop-ip window to appear at a browser by issuing the following statement after the $Web_End_Ses:</p>
There might be times, however, when it is desirable to force a user to re-enter a password before the session timeout, or even to allow the user to switch to a different userid. In such instances, <var>$Web_End_Ses</var> might be useful to terminate the logical session immediately. <var>$Web_End_Ses</var>, of and by itself, will not cause a password prompt to appear on the user's workstation. An application can force a login pop-ip window to appear at a browser by issuing the following statement after the <var>$Web_End_Ses</var>:</p>
<p class="code"> %X = $Web_Done(401, "Unauthorized")
<p class="code"> %X = $Web_Done(401, "Unauthorized")
</p>
</p>
The $Web_Done(401) above obviates the need for the $Web_End_Ses, though, because an "unauthorized" status implies a $Web_End_Ses.  
The $Web_Done(401) above obviates the need for the <var>$Web_End_Ses</var>, though, because an "unauthorized" status implies a <var>$Web_End_Ses</var>.  
<p>
<p>
If the session was established from information in a client certificate, $Web_End_Ses will probably be ineffective: it will simply force the NEWSESCMD processing to occur on the next request from the browser, but it will not force or even give the browser a chance to send a new client certificate. To force the client to send a new certificate, you can use $Web_End_SSLSes ([[$Web_End_SSLSes]]). If the logical session is being maintained via SSLSES, that is if it's associated with the SSL session, issuing a $Web_End_SSLSes also terminates the logical login session.</p>
If the session was established from information in a client certificate, <var>$Web_End_Ses</var> will probably be ineffective: it will simply force the NEWSESCMD processing to occur on the next request from the browser, but it will not force or even give the browser a chance to send a new client certificate. To force the client to send a new certificate, you can use <var>[[$Web_End_SSLSes]]</var>. If the logical session is being maintained via SSLSES, that is if it's associated with the SSL session, issuing a <var>$Web_End_SSLSes</var> also terminates the logical login session.</p>
</ul>
</ul>


[[Category:Janus Web Server $functions|$Web_End_Ses]]
[[Category:Janus Web Server $functions|$Web_End_Ses]]

Latest revision as of 14:55, 9 April 2013

Terminate a logical login session

$Web_End_Ses terminates a logical login session maintained via SSLSES or SESCOOKIE.

$Web_End_Ses takes no arguments and returns a status code. It is a callable $function.

Syntax

%rc = $Web_End_Ses

Syntax terms

%rc A numeric status code:
Code Meaning
-1 Not a Web Server thread.
0 Session terminated.
1 A Web Server thread but no logical login session.

Usage notes

  • If the port definition indicates SSLSES or SESCOOKIE, Janus Web Server will use SSL session information or session cookie information to do trusted logins for the session's userid. This has many benefits, including avoiding the vagaries of dealing with password changes in HTTP.

    There might be times, however, when it is desirable to force a user to re-enter a password before the session timeout, or even to allow the user to switch to a different userid. In such instances, $Web_End_Ses might be useful to terminate the logical session immediately. $Web_End_Ses, of and by itself, will not cause a password prompt to appear on the user's workstation. An application can force a login pop-ip window to appear at a browser by issuing the following statement after the $Web_End_Ses:

    %X = $Web_Done(401, "Unauthorized")

    The $Web_Done(401) above obviates the need for the $Web_End_Ses, though, because an "unauthorized" status implies a $Web_End_Ses.

    If the session was established from information in a client certificate, $Web_End_Ses will probably be ineffective: it will simply force the NEWSESCMD processing to occur on the next request from the browser, but it will not force or even give the browser a chance to send a new client certificate. To force the client to send a new certificate, you can use $Web_End_SSLSes. If the logical session is being maintained via SSLSES, that is if it's associated with the SSL session, issuing a $Web_End_SSLSes also terminates the logical login session.