httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Andersson" <rob...@profundis.nu>
Subject Re: how to push in Apache
Date Tue, 30 Jul 2002 05:10:39 GMT
It would be nice if the server could initiate a response to the client, without it asking for
it, but that's not how it is :(. You could have the "status page" refreshed frequently, say
every 5 seconds, which would stop refreshing and show a message when the user is logged out.
Problem is, if your client is logged out by your firewall blocking him, then it would be somewhat
hard to refresh the page for the client to get the message. You probably can get around that
by putting the "status page" on a server/ip/port not protected by the firewall, or have a
delay between the actual logout and the firewall rules change.

Just my thoughts.

Regards,
Robert Andersson

  ----- Original Message ----- 
  From: yong jiang 
  To: users@httpd.apache.org 
  Sent: Monday, July 29, 2002 5:36 PM
  Subject: Re: how to push in Apache


  When the user logs in, the cgi program displays a connection status page to the user. In
this status page, it has a JavaScript program that shows the connection time. So when the
user is logged out, the access controller needs to update this status page.

  Though I agree your solution is another walkaround.
  /Yong

    ----- Original Message ----- 
    From: French, Shawn 
    To: 'users@httpd.apache.org' 
    Sent: Monday, July 29, 2002 5:31 PM
    Subject: RE: how to push in Apache


    I don't think your solution needs to involve a server push.

    One solution:
    Once logged out, configure the firewall to route all of the user's traffic to an error/status
page on your server explaining why they were logged out, and why they have to log in again.

    Shawn


      -----Original Message-----
      From: yong jiang [mailto:yong.b.jiang@telia.se]
      Sent: July 29, 2002 11:28 AM
      To: users@httpd.apache.org
      Subject: Re: how to push in Apache


      Owen,

      thank you for your reply.

      I probably didn't explain my question clearly. I'm trying to develop an access controller.
This access controller has a web server. A user accesses a cgi program in the web server which
asks for information such as user name and password. If the information is correct, the cgi
program can config firewalls to let that user's traffic pass over.

      Now I want to add an idle timeout function. If the user is not sending or receiving
any traffic for some time, the access controller will remove the firewall and inform the user
that he has been logged out. In realization I have another daemon that monitor the traffic
counters in the firewall rules, and if the counters are not increasing, it will remove the
rules, and then, the question is, how can i display a status page to the user.

      /Yong
        ----- Original Message ----- 
        From: Boyle Owen 
        To: users@httpd.apache.org 
        Sent: Monday, July 29, 2002 4:58 PM
        Subject: RE: how to push in Apache


        What do you mean by "logout"? If you are talking about the Basic Authentication process
which is part of the HTTP protocol then it is impossible. To explain - when a user arrives
at password protected URL, the server sends a 401 Authorization Required response. The browser
prompts the user for a password and then re-issues the request with an authorization header
appended. The browser caches the password and sends it with every request to that directory.

        So really, apache doesn't know who is logged in or out - all it knows is that the
request contains an authorization header or not. 

        If you want to emulate the login-shell thingy you get with e-banking then you have
to handle the whole thing yourself in CGI.

        Rgds,

        Owen Boyle
          -----Original Message-----
          From: yong jiang [mailto:yong.b.jiang@telia.se]
          Sent: Montag, 29. Juli 2002 16:41
          To: users@httpd.apache.org
          Subject: how to push in Apache


          Hi,

          I'm writing a program that will automatically log out a user. basically
          1.) a user uses a browser to get authenticated by a web server
          2.) there is another background process at the server side which does some kind
of checking (such as the user's credit is running out). If some conditions satisfy, it will
logout this user. In that case, a notification message needs to send to the user.

          My question is, how can this background process tells the Apache server to send
this message.

          /Yong


Mime
View raw message