Question
question about MM_Username and Restrict Access to Page
Hi,
Quick clarification required...
The Restrict Access to Page behaviour, as far as I can see in the code,
checks to see if value Session("MM_Username") exists. If it is blank, it
doesn't allow access.
What would happen though if someone logged into a site that uses the Login
User behaviour, thus creating the MM_Username session, then left that site,
within the same browser, and immediately tried to access a page on another
site that has the Restrict Access to Page behaviour. Because the
MM_Username session exists, would they be given access to this page, despite
it being on a different site?
I've not set up two sites to try this, but I did try this within a
subdirectory of one site and it allowed access to both areas, which is why I
ask.
Cheers
nath.
Quick clarification required...
The Restrict Access to Page behaviour, as far as I can see in the code,
checks to see if value Session("MM_Username") exists. If it is blank, it
doesn't allow access.
What would happen though if someone logged into a site that uses the Login
User behaviour, thus creating the MM_Username session, then left that site,
within the same browser, and immediately tried to access a page on another
site that has the Restrict Access to Page behaviour. Because the
MM_Username session exists, would they be given access to this page, despite
it being on a different site?
I've not set up two sites to try this, but I did try this within a
subdirectory of one site and it allowed access to both areas, which is why I
ask.
Cheers
nath.
AdChoices