From: Martin B. <vc...@cy...> - 2004-08-30 08:12:13
|
Hi, > There must be something wrong with the session stop function, and I > notice that there's some hardcoded stuff in the OpenSSL token class that > could have something to do with it, eg: > logout function sets ONLINE to 0, but getOnline is hardcoded to always > return 1. I am pretty sure that the OpenCA::Crypto::Token class does not have any impact on user session login/logout. The ONLINE handling of this class is introduced in order to determine the state of the *crypto backend*, i. e. to determine if private key usage is possible. This is not related to end user actions. User session handling is performed using the CGI session capabilities, if I remember correctly. The right place to look is OpenCA::TRIstateCGI and OpenCA::Session, I suppose. Martin |