0

Googling for heartbeat authentication gives so much info that inst related that makes it hard to find good sources.

In short terms what a heart beat authentication is ?

In what cases could would it be more applied to be used ?

I am sorry that this seems like a ultra general question if you could perhaps direct me to some better information about it I could make my question more specific to what I am aiming for, but for that I need to know more about heartbeat.

Guapo
  • 3,446
  • 9
  • 36
  • 63
  • What problem (that you think heartbeat authentication would be appropriate for) are you trying to solve? – Jacob Mattison Feb 25 '11 at 21:47
  • You refering to this? http://en.wikipedia.org/wiki/Heartbeat_(program) or are you talking about some type of heartbeat to check to see if a user is authenticated? – Nix Feb 25 '11 at 21:55
  • @Nix `are you talking about some type of heartbeat to check to see if a user is authenticated?` exactly this. – Guapo Feb 25 '11 at 22:12

1 Answers1

1

Depending on how the site works, the heartbeat functionality could be as simple as performing an Ajax GET on the site, then testing the HTTP status of the response. For example, a 200 may mean that the browser was authenticated, and a 401 could mean that the user's authorization has expired. Or perhaps the site redirects the request to a login page, in which case you could check for a 302.

Here's how you could do it via jQuery, for example:

setInterval(
    function() {
        jQuery.ajax(
            '/protected-resource', 
            {
                error: function(jqXHR, textStatus, errorThrown) {
                    if (jqXHR.status != 200) {
                        doUnauthorizedResponse();
                    }
                }
            }
        );
    },
    60000);
Jacob
  • 77,566
  • 24
  • 149
  • 228
  • thanks for your reply, so basicly a heartbeat for authentication is a way to make sure the user have a valid session otherwise boot him out ? What I have is a desktop application that auth using https to my website, so a heartbeat in this case would be the same as checking every X minutes if the server can communicate with the client or not ? – Guapo Feb 25 '11 at 23:28