Database Reference
In-Depth Information
You may be wondering how to control user logout after a user has
logged into eXist. You have three options for this, each of which
involves manipulating the user's HTTP session:
1. Remove the cached user credentials attribute from the HTTP
session
by
calling
session:remove-attribute("_eXist_xmldb_user")
.
2. Clear all attributes of the user's HTTP session by calling
session:clear()
.
3. Invalidate the user's HTTP session by calling
session:invalid
ate()
. Invalidating the user's session means that you will have
to create a new session if you wish to store further attributes in
the session.
For further details on how HTTP sessions are managed, see the
entry for
session
in
Appendix A
.
Backups
While the reasons for performing backups are not solely related to security but also to
disaster recovery, the importance of backups cannot be stressed enough. First, ensure
that you have backups, and secondly, ensure that you can restore your system from
them! Whatever approach you take, backups should be something that you perform
frequently, test regularly, and have confidence in as your last line of defense. For fur‐
ther information, see
“Backup and Restore” on page 396
.
Search WWH ::
Custom Search