[7.250] EUP Lifetime of Session Cookie [NOTABUG]

If I close my Browser (firefox 3) while i'm logged in the End-User-Portal and then start it again (1 Hour later), the session is still active. I was not prompted for a username and password.
I was directly logged in a the last user.

Possible security issue, isn't it?

Parents

0 frickler over 17 years ago

There is a new feature called "Persistent cookie support". You can explicitly logout from the EUP. Then again on the login-screen, uncheck the "Remember my login" checkbox. I'll change the default setting to off, that you have to explicitly enable the cookie in future.
Nevertheless persistent cookie support can be deavtivated at all in webadmin.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 frickler over 17 years ago

There is a new feature called "Persistent cookie support". You can explicitly logout from the EUP. Then again on the login-screen, uncheck the "Remember my login" checkbox. I'll change the default setting to off, that you have to explicitly enable the cookie in future.
Nevertheless persistent cookie support can be deavtivated at all in webadmin.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data