httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "yong jiang" <yong.b.ji...@telia.se>
Subject Re: how to push in Apache
Date Mon, 29 Jul 2002 15:36:54 GMT
When the user logs in, the cgi program displays a connection status page to the user. In this
status page, it has a JavaScript program that shows the connection time. So when the user
is logged out, the access controller needs to update this status page.

Though I agree your solution is another walkaround.
/Yong

  ----- Original Message ----- 
  From: French, Shawn 
  To: 'users@httpd.apache.org' 
  Sent: Monday, July 29, 2002 5:31 PM
  Subject: RE: how to push in Apache


  I don't think your solution needs to involve a server push.

  One solution:
  Once logged out, configure the firewall to route all of the user's traffic to an error/status
page on your server explaining why they were logged out, and why they have to log in again.

  Shawn


    -----Original Message-----
    From: yong jiang [mailto:yong.b.jiang@telia.se]
    Sent: July 29, 2002 11:28 AM
    To: users@httpd.apache.org
    Subject: Re: how to push in Apache


    Owen,

    thank you for your reply.

    I probably didn't explain my question clearly. I'm trying to develop an access controller.
This access controller has a web server. A user accesses a cgi program in the web server which
asks for information such as user name and password. If the information is correct, the cgi
program can config firewalls to let that user's traffic pass over.

    Now I want to add an idle timeout function. If the user is not sending or receiving any
traffic for some time, the access controller will remove the firewall and inform the user
that he has been logged out. In realization I have another daemon that monitor the traffic
counters in the firewall rules, and if the counters are not increasing, it will remove the
rules, and then, the question is, how can i display a status page to the user.

    /Yong
      ----- Original Message ----- 
      From: Boyle Owen 
      To: users@httpd.apache.org 
      Sent: Monday, July 29, 2002 4:58 PM
      Subject: RE: how to push in Apache


      What do you mean by "logout"? If you are talking about the Basic Authentication process
which is part of the HTTP protocol then it is impossible. To explain - when a user arrives
at password protected URL, the server sends a 401 Authorization Required response. The browser
prompts the user for a password and then re-issues the request with an authorization header
appended. The browser caches the password and sends it with every request to that directory.

      So really, apache doesn't know who is logged in or out - all it knows is that the request
contains an authorization header or not. 

      If you want to emulate the login-shell thingy you get with e-banking then you have to
handle the whole thing yourself in CGI.

      Rgds,

      Owen Boyle
        -----Original Message-----
        From: yong jiang [mailto:yong.b.jiang@telia.se]
        Sent: Montag, 29. Juli 2002 16:41
        To: users@httpd.apache.org
        Subject: how to push in Apache


        Hi,

        I'm writing a program that will automatically log out a user. basically
        1.) a user uses a browser to get authenticated by a web server
        2.) there is another background process at the server side which does some kind of
checking (such as the user's credit is running out). If some conditions satisfy, it will logout
this user. In that case, a notification message needs to send to the user.

        My question is, how can this background process tells the Apache server to send this
message.

        /Yong


Mime
View raw message