httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "yong jiang" <>
Subject Re: how to push in Apache
Date Mon, 29 Jul 2002 15:27:53 GMT

thank you for your reply.

I probably didn't explain my question clearly. I'm trying to develop an access controller.
This access controller has a web server. A user accesses a cgi program in the web server which
asks for information such as user name and password. If the information is correct, the cgi
program can config firewalls to let that user's traffic pass over.

Now I want to add an idle timeout function. If the user is not sending or receiving any traffic
for some time, the access controller will remove the firewall and inform the user that he
has been logged out. In realization I have another daemon that monitor the traffic counters
in the firewall rules, and if the counters are not increasing, it will remove the rules, and
then, the question is, how can i display a status page to the user.

  ----- Original Message ----- 
  From: Boyle Owen 
  Sent: Monday, July 29, 2002 4:58 PM
  Subject: RE: how to push in Apache

  What do you mean by "logout"? If you are talking about the Basic Authentication process
which is part of the HTTP protocol then it is impossible. To explain - when a user arrives
at password protected URL, the server sends a 401 Authorization Required response. The browser
prompts the user for a password and then re-issues the request with an authorization header
appended. The browser caches the password and sends it with every request to that directory.

  So really, apache doesn't know who is logged in or out - all it knows is that the request
contains an authorization header or not. 

  If you want to emulate the login-shell thingy you get with e-banking then you have to handle
the whole thing yourself in CGI.


  Owen Boyle
    -----Original Message-----
    From: yong jiang []
    Sent: Montag, 29. Juli 2002 16:41
    Subject: how to push in Apache


    I'm writing a program that will automatically log out a user. basically
    1.) a user uses a browser to get authenticated by a web server
    2.) there is another background process at the server side which does some kind of checking
(such as the user's credit is running out). If some conditions satisfy, it will logout this
user. In that case, a notification message needs to send to the user.

    My question is, how can this background process tells the Apache server to send this message.


View raw message