Hi all

I want to be able to timeout an authenticated user.  I am planning on using a session object to store the username and set the timeout on that object.  When the session object timed-out, I will see that there is no username and I can then set the authenticateduser to Anonymous.

I am not quite sure how to do that (set the authenticated user to something else - is it enough just to se the REQUEST variable?) and if my methodology is good at all!  Any other suggestions on tackling this?

B.T.W. I am going to create a session object storing some extra info on the user anyway, that's why I thought of using the session object to do the timeouts with.

Etienne