Return-Path: Delivered-To: apmail-httpd-modules-dev-archive@minotaur.apache.org Received: (qmail 4615 invoked from network); 10 Apr 2009 23:26:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 10 Apr 2009 23:26:36 -0000 Received: (qmail 4984 invoked by uid 500); 10 Apr 2009 23:26:35 -0000 Delivered-To: apmail-httpd-modules-dev-archive@httpd.apache.org Received: (qmail 4948 invoked by uid 500); 10 Apr 2009 23:26:35 -0000 Mailing-List: contact modules-dev-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: modules-dev@httpd.apache.org Delivered-To: mailing list modules-dev@httpd.apache.org Received: (qmail 4938 invoked by uid 99); 10 Apr 2009 23:26:35 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Apr 2009 23:26:35 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of mmwaldman@nyc.rr.com designates 71.74.56.122 as permitted sender) Received: from [71.74.56.122] (HELO hrndva-omtalb.mail.rr.com) (71.74.56.122) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Apr 2009 23:26:26 +0000 Received: from DeJaVu ([67.247.0.125]) by hrndva-omta04.mail.rr.com with ESMTP id <20090410232539.FYXM19377.hrndva-omta04.mail.rr.com@DeJaVu> for ; Fri, 10 Apr 2009 23:25:39 +0000 From: "Michele Waldman" To: Subject: RE: mod_auth_digest Date: Fri, 10 Apr 2009 19:25:41 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 thread-index: Acm6MRCDaRpmrHHaSFS0C/r1o6eeIwAAnU6A X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3350 In-Reply-To: <1239404779.31128.4@raydesk1.bettercgi.com> Message-Id: <20090410232539.FYXM19377.hrndva-omta04.mail.rr.com@DeJaVu> X-Virus-Checked: Checked by ClamAV on apache.org Reply. I put print statements in the mod_auth_digest file to see values. I didn't see subsequent call, but I forgot to check the timestamps. I'll look again. Thanks. Margaret Michele Waldman Sovereign Sites L.L.C. Website Development 646-861-3375 Rule your domain ... -----Original Message----- From: Ray Morris [mailto:support@bettercgi.com] Sent: Friday, April 10, 2009 7:06 PM To: modules-dev@httpd.apache.org Subject: Re: mod_auth_digest You won't see anything special on the Apache side, I don't think. I believe the only difference between the first authentication and subsequent requests is that the browser (hopefully) sends the user/pass with each request, so there is no need for Apache to return a 401, causing the clinet to pop up the authentication dialog and re-request the page with the authentication info the secodn time around. -- Ray B. Morris support@bettercgi.com Strongbox - The next generation in site security: http://www.bettercgi.com/strongbox/ Throttlebox - Intelligent Bandwidth Control http://www.bettercgi.com/throttlebox/ Strongbox / Throttlebox affiliate program: http://www.bettercgi.com/affiliates/user/register.php On 04/10/2009 04:33:23 PM, Michele Waldman wrote: > Does anyone know? > > After a browser calls a page authenticated with mod_auth_digest, what > function or hook is called the next time the page is accessed. > > I figure it has to authenticate each time, but it's probably using a > short > cut to reauthenticate. I want to intervene but I'm not sure what's > getting > called on subsequent page accesses. > > Thanks, > > Michele > >