[Koha-devel] Clarify timeout syspref?
Joe Atzberger
ohiocore at gmail.com
Tue Feb 24 17:01:55 CET 2009
On Tue, Feb 24, 2009 at 9:35 AM, Eric Bégin <Eric.Begin at inlibro.com> wrote:
> > One problem is : as far as I can see, there's only one timeout, while
> > there probably should be 2 : one for opac, one for intranet. Short for
> > opac, long for intranet, where you want to : start cataloging a book,
> > go have a coffee, continue cataloging that darn book.
> What about letting the user decide? This could be a per user setting.
>
I don't see any value to that. There are security implications from session
length, so the MAX session length should be controlled by the system, not
the user. The user can always logout earlier if they want to.
On the question of logging into the OPAC as a different user, it is only a
problem if you do not have separate DNS names for your interfaces. The
session data is written in a cookie, and cookies do not distinguish between
interfaces based on ports, only by domain. So it is recommended to use
different DNS names instead of samename:8080.
--Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/koha-devel/attachments/20090224/e69a9cd5/attachment-0003.htm>
More information about the Koha-devel
mailing list