Last post Aug 09, 2011 03:26 AM by Gayomard Mehta
Aug 08, 2011 01:04 PM|ramjet69|LINK
I just came from a meeting where as the junior member of the team I kept my mouth shut but took notes regarding a problem the team is trying to solve. The situation is that the users goto the main internal web page and login with their credentials. There
is a citrix application that they use 90% of the time and they launch it from the main page and their credentials are passed to the citrix application. They do their work usually around 5-10 minutes in the citrix application, close it and walk away. Now if
this was a computer in their office a simple timeout would suffice....however that is not our situation. These computers are in a high use area (by other employees not the public) and as a result an employee could walk up, launch the citrix application (remember
the first user closed the citrix app but NOT the main site they logged into) and impersonate the first user. Now the team was discussing different options but they all seemed messy.
What I was thinking was something more subtle. When the user logs into the main site capture a window / tab id. When the user launches the citrix application capture the new window / tab id. Then launch a "stool pidgeon" hidden window that both talk to.
When the citrix window gets closed the OnDestroy tells stool pidgeon "I'm outta here" and the stool pidgeon then closes the window / tab id of the original window. Finally stool pidgeon destroys itself.
Any thoughts or other ideas would be greatly appreciated.
Aug 09, 2011 03:26 AM|Gayomard Mehta|LINK
Think it is a good idea but only question is that the window that is called should not be blocked by a popup blocker...