httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <Ken.C...@Golux.Com>
Subject Re: Docs correction? re Auth
Date Wed, 11 Dec 2002 22:17:58 GMT
Rich Bowen wrote:
> 
> You create a link to <bogus:bogus@hostname.com/logout.html> or somesuch,
> and that this effectively resets the password cache on the browser.

clever.  however, it has some drawbacks:

1. it can't be just any uri on the site; it needs to be one within
   the realm where the credentials are valid.
2. if the above uri is in a 'require' area, the poor user is going
   to get an 'authentication failed' popup.
3. if the uri is in an area within the realm but not requiring
   valid credentials (e.g., allow from all/satisfy any).. h'm.
   that might be browser specific.  it may replace the validated
   credentials with the bogus ones, or it may not.  in the former
   case, the results will be as desired.

*very* interesting..
-- 
#ken	P-)}

Ken Coar, Sanagendamgagwedweinini  http://Golux.Com/coar/
Author, developer, opinionist      http://Apache-Server.Com/

"Millennium hand and shrimp!"

Mime
View raw message