httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] ask loggin everytime u open the page
Date Wed, 28 Aug 2002 13:38:56 GMT
>From: J. Greenlees [mailto:jaqui@shaw.ca]
>
>... use no-cache and the browser can't keep anything...

Want to bet about that? The browser is its own master and can do what it likes. A well-behaved
browser might choose to obey these meta tags but there is no fundamental law of the universe
forcing it to :-)

In any case, the username/password pair is passed as a base64-encoded argument to the Authorization
header in the request. I'm not sure that this is cached by the same mechanism that caches
HTML content so even if the browser obeyed the no-cache hint, I doubt it would not cache the
username/password pair.

Finally, even if you succeeded, it would mean that every request in the protected area would
require the user to type in a username and password - i.e. every new page you loaded and all
the images etc... That'd be rather a Pyrrhic victory, I'd imagine.

Rgds,

Owen Boyle
 
>
>Boyle Owen wrote:
>
>>Remarkably, another user asked a similar question yesterday 
>(answer at: 
>http://marc.theaimsgroup.com/?l=apache-httpd-users&m=1030448455
>17207&w=2).
>>
>>Basically, this behaviour is controlled by the browser which 
>caches the username/password. You can't force it to forget it...
>>
>>Rgds,
>>
>>Owen Boyle
>>
>>>-----Original Message-----
>>>From: Raphael KONG [mailto:rkong@saint-etienne.sema.slb.com]
>>>Sent: Mittwoch, 28. August 2002 14:36
>>>To: users@httpd.apache.org
>>>Subject: [users@httpd] ask loggin everytime u open the page
>>>
>>>
>>>lo !
>>>
>>>I'm new here and for my first question :
>>>
>>>I use the mod "mod_auth_ldap" to limit access to a 
>directory. You can 
>>>access only if you have an account in my ldap server. It works 
>>>well. But 
>>>here if I log in, the authentification is valid until I close IE or 
>>>Netscape. I would like to ask loggin/password every time a 
>>>user try to open 
>>>the index page without closing the browser.
>>>
>>>Is there a solution ?
>>>
>>>I hope it clear for you !
>>>
>>>Thx for your help !
>>>
>>>Raphael. 
>>>
>>>
>>>---------------------------------------------------------------------
>>>The official User-To-User support forum of the Apache HTTP 
>>>Server Project.
>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP 
>Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message