D
Danny
Hi there,
Here is a scenario that I 've been asked to look into. Can anyone comment on this...
I have a Web App that uses forms authentication to secure sections. Say for example that a user is logged in and authenticated to use secure sections of site. User then proceeds to navigate to some site outside of the secure sections of the web app (could be any url) but forgets to log out then eventually gets up and walks away from their machine. Some other malicious user then comes along and presses the back button on their browser to see what forgetful user has been looking at.
I've been asked to somehow prevent that malicious user from being able to gain access to secure content if fogetful user didn't logout and the forms authentication timer on the auth cookie hasn't yet expired.
I'm really not sure if this is possible
Here is a scenario that I 've been asked to look into. Can anyone comment on this...
I have a Web App that uses forms authentication to secure sections. Say for example that a user is logged in and authenticated to use secure sections of site. User then proceeds to navigate to some site outside of the secure sections of the web app (could be any url) but forgets to log out then eventually gets up and walks away from their machine. Some other malicious user then comes along and presses the back button on their browser to see what forgetful user has been looking at.
I've been asked to somehow prevent that malicious user from being able to gain access to secure content if fogetful user didn't logout and the forms authentication timer on the auth cookie hasn't yet expired.
I'm really not sure if this is possible