Segler Posted September 2, 2011 Report Share Posted September 2, 2011 1. Limiting the stay logged in by 20min is wrong. We do not do banking here and security is not a big deal to have the time unlimited. 2. Login Name and Password shoud be proccessed automatically if I attempt to log in from the know IP, which I already used to manually type in the above info. Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 1. Limiting the stay logged in by 20min is wrong. We do not do banking here and security is not a big deal to have the time unlimited. Login isn't limited to 20 minutes' date=' that's session totally different thing. If you use the 'remember me' you will be logged in for the day. Security is my concern so don't worry about what's a big deal and what's not. 2. Login Name and Password shoud be proccessed automatically if I attempt to log in from the know IP, which I already used to manually type in the above info. See "remember me" Quote Link to comment Share on other sites More sharing options...
Segler Posted September 2, 2011 Author Report Share Posted September 2, 2011 Raven, I check the box every time in several different computers that use different browsers, operational systems and security installments. Same result: I need to type in Name and Password every time. Second point. Security is a concern, I agree. I do not see how the limiting session could improve the situation dramatically so compromising convinience is justified. May be you can explain that to everybody, simplified? S! Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 Like I said, session has nothing to do with security. Session is by which calls to the website are maintained "open" The longer they are maintained open, the more resources are being consumed. For instance, I user comes to the site, and reads a page on the forums. DB connections and memory are maintained to complete those requests and to handle any additional requests. If that user walks away from the computer for hours, those resources are tied up. Session is only for current "session" work. It's not going to be maintained so people bring up the site and then don't use it. Just not going to happen. There are people that may write for a long time, say an hour, and I will extend session a bit for that. But not only can I not make session infinite, I wouldn't. It's just not feasible. Remember Me: If it does not work for you check your system. All it does is write a cookie to your cache and the "browsers" checks that. If you don't have cookies enabled, then it wont work. Quote Link to comment Share on other sites More sharing options...
Segler Posted September 2, 2011 Author Report Share Posted September 2, 2011 Ya, if user is inactive for some time he should be kicked out. However active users shall be allowed to be active as long as they want. Active means typing, browsing (klicking on links), chatting - definite actions. Reading is inactive. Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 Ya' date=' if user is inactive for some time he should be kicked out. However active users shall be allowed to be active as long as they want. Active means typing, browsing (klicking on links), chatting - definite actions. Reading is inactive.[/quote'] Nice idea, but the internet doesn't work like that. It's a stateless machine. Once a request is made, active http connections are closed. Session is continued by making requests to the server - posting or getting information. You following a link, thats a request to the server, you press a submit button, thats a request to the server. Session is maintained. You typing on your keyboard is not posting or requesting information on the server, until you click that 'post' button. The server has no way of knowing what your intentions, or even if you are still there for that matter. The key here is "state". All these things would require a stateful system. HTTP (the internet) is not stateful. Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 Checking the logs, you logged in at 12:35 PM today, ~1 PM made the first post in this thread. Then made your second post about 2PM. Made your third about 2:45. All without logging in every twenty minutes. Quote Link to comment Share on other sites More sharing options...
Segler Posted September 2, 2011 Author Report Share Posted September 2, 2011 I have to admit that login is started to work for me properly. Without changing anything on my side... I shot the browser down between the posts and at the start when I click the book mark it connects me. Go figure. Quote Link to comment Share on other sites More sharing options...
Segler Posted September 2, 2011 Author Report Share Posted September 2, 2011 This is the problem, found it. When I connect using book mark in the browser - cookie is working. When I try to get in thru the front page - login is required. Then bookmark stop working as well - I have to log in again. Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 Out of curiosity. What is your default browser? What page does your bookmark go to? What browser are you using to visit the "front page." What "front page" are you referring to? The oesau home page @ http://www.jg1.org/oesau/home.aspx ? The generic landing site for all of jg1 @ http://www.jg1.org/ ? or the landing page for richthofen @ http://www.jg1.org/richthofen/Home.aspx ? Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 Also, edit the bookmark and copy & paste the url here exactly as it is in your bookmark. Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 2, 2011 Report Share Posted September 2, 2011 my guess is - you are trying to "get in thru the front page" using www.jg1.org or www.jg1.org/richthofen/ Since you are not registered on either of those, it's showing you the login. You use that log in, and are unsuccessful, because you are not registered there in either case, and since the login code erases the cookies for the domain jg1.org, well you are no longer logged in here at oesau. http://www.jg1.org/tabid/116/g/posts/t/9/Website-Instructions.aspx Quote Link to comment Share on other sites More sharing options...
Segler Posted September 3, 2011 Author Report Share Posted September 3, 2011 "DB connections and memory are maintained to complete those requests and to handle any additional requests. If that user walks away from the computer for hours, those resources are tied up" Raven, I completely agree on policy to restrict the resources use. My question is what are statisticly the number of users do stay idle for long time here? I betcha it is not too large. We do not have a lot of users here and most are very busy people. Main principal of engineering is: "Good enough is Perfect". Per sure to know what is good enough is matter of accumulated knowlage. My opinion - even 2-3 hours of idle allowance will not bring the server down in foreseen future. Try it. It will make typers happy. BTW point on registration is taken, that might be the couse of my login troubles. Quote Link to comment Share on other sites More sharing options...
Moxy Posted September 3, 2011 Report Share Posted September 3, 2011 Hey Guys. If it would just remember my name, so I didnt have to type every time, that would be fine. I use firefox. do the 2 not click that way? or is it some kind of setting. That would be nice. Hey, the new/turned on editions, are starting to gel. (please not trying to hijack) Mox Quote Link to comment Share on other sites More sharing options...
Krupinski Posted September 3, 2011 Report Share Posted September 3, 2011 My question is what are statisticly the number of users do stay idle for long time here? I betcha it is not too large. We do not have a lot of users here and most are very busy people. Actually we do - 783 unique visitors last month, 23,000 page views and an average of 7:35 minutes on the site, with August 3rd with the highest average time on site of 15 minutes. There are many reasons but in a nutshell it's staying how it is. Quote Link to comment Share on other sites More sharing options...
Segler Posted September 3, 2011 Author Report Share Posted September 3, 2011 783 unique visitors last month' date=' 23,000 page views and an average of 7:35 minutes on the site, with August 3rd with the highest average time on site of 15 minutes. [/quote'] It is up to you how to run the thing. One hour should be enough in most situations. However statistics shows that there is no problem at the moment. Average time on site is low. Number of real visitors for the whole month is much less than 783 - people have multiplied locations: home, work... I would speculate that the real number is close to 500. Thanks for explanations. S! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.