18.1 Client Based Sessions

Client-side sessions are a less strict interpretation of a session and use techniques more appropriate to internal intranet applications where security requirements are less stringent.

Visual LANSA's web applications are stateful, this means that the client is always active, it's not just a browser showing static HTML that is constantly replaced. This results in an environment that can easily handle timeouts and other such features.

LANSA provides access to an idle event by using the Visual LANSA Application Object (SYS_APPLN). Within the application a timer starts as soon there is no mouse or keyboard activity. Every 5 seconds the idle event will fire allowing the application to determine of the session should be ended.

In the following example, if the user provides no input for 15 minutes (900 seconds) it may be desirable to hide what's on the screen and force the re-entry of a user ID and password.

Evtroutine Handling(#Sys_Appln.Idle) Seconds(#Seconds)
* If no data entry for 15 minutes and not already timed out
If ((#Seconds = 900) *And (*Not #MyApplication.TimedOut))
   #MyApplication.ShowSignon
Endif

Endroutine
 

Being a stateful environment, this can be elegantly handled with an overlay to cover and restrict access to whatever the user is currently doing. As soon as a valid sign on is achieved, the overlay is removed and the application is exactly where it was before the session was ended.

Client based sessions often need to store information on the client, a simple way to do this when developing web applications with Visual LANSA is making use of the Session and Local storage properties associated with the Web Application object. Refer to Session and Local Storage for more information.