httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From trap...@netscape.net (Yavor Trapkov)
Subject RE: Antw: Re: [patch]2 : mod_auth_ldap doesn't effectively use thecache with"require user User1 User2 .." dir
Date Mon, 17 Mar 2003 21:27:46 GMT
"Andre Schild" <A.Schild@aarboard.ch> wrote:

>Better when we find a " in the line, use those as quotes.
>If no " are found, then use the blanks as separarators. (And this
>automatically disallows usernames with blanks in them.)

I agree, that will be clear.

>
>>BTW, how the other apache authentication modules treat this
>situation?
>Good question....

>The only advantage a negative caching would provide is (slightly) a
>better
>handling of DOS attacks. Of course a DOS attack is still possible
>when requestings user1, user2.... user99999
>
>Of course a negative cache should have a "short" cache lifetime.
>3-5 minutes or so.
>
I somehow doesn't catch the "negative cache" problem, we don't put in the cache any negative
responces, do we?

-- 
Yavor Trapkov, MSc.
Sen. Unix Systems Admin
WIPO, Geneva 1211, CH


__________________________________________________________________
Try AOL and get 1045 hours FREE for 45 days!
http://free.aol.com/tryaolfree/index.adp?375380

Get AOL Instant Messenger 5.1 for FREE! Download Now!
http://aim.aol.com/aimnew/Aim/register.adp?promos=380455

Mime
View raw message