httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Yavor Trapkov)
Subject RE: Antw: Re: [patch]2 : mod_auth_ldap doesn't effectively use thecache with"require user User1 User2 .." dir
Date Mon, 17 Mar 2003 21:27:46 GMT
"Andre Schild" <> wrote:

>Better when we find a " in the line, use those as quotes.
>If no " are found, then use the blanks as separarators. (And this
>automatically disallows usernames with blanks in them.)

I agree, that will be clear.

>>BTW, how the other apache authentication modules treat this
>Good question....

>The only advantage a negative caching would provide is (slightly) a
>handling of DOS attacks. Of course a DOS attack is still possible
>when requestings user1, user2.... user99999
>Of course a negative cache should have a "short" cache lifetime.
>3-5 minutes or so.
I somehow doesn't catch the "negative cache" problem, we don't put in the cache any negative
responces, do we?

Yavor Trapkov, MSc.
Sen. Unix Systems Admin
WIPO, Geneva 1211, CH

Try AOL and get 1045 hours FREE for 45 days!

Get AOL Instant Messenger 5.1 for FREE! Download Now!

View raw message