Return-Path: Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 53709 invoked by uid 500); 28 Aug 2002 13:38:57 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 53599 invoked from network); 28 Aug 2002 13:38:56 -0000 Received: from ns0b.swx.com (146.109.240.235) by daedalus.apache.org with SMTP; 28 Aug 2002 13:38:56 -0000 Received: from gate0a.unix.swx.ch (gate0a [192.168.252.17]) by ns0b.swx.com (8.9.3+Sun/8.9.3) with ESMTP id PAA26214 for ; Wed, 28 Aug 2002 15:38:57 +0200 (MEST) Received: from SOMEXEVS001.ex.ordersx.org (localhost [127.0.0.1]) by gate0a.unix.swx.ch (8.9.3+Sun/8.9.3) with ESMTP id PAA26949 for ; Wed, 28 Aug 2002 15:38:56 +0200 (MEST) content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 Date: Wed, 28 Aug 2002 15:38:56 +0200 Message-ID: <14D1193E30E0894D8A773957C0AEE24A01EE0226@SOMEXEVS001.ex.ordersx.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: [users@httpd] ask loggin everytime u open the page Thread-Index: AcJOlzODAc5UPgR8RYuZJJ50XqWumgAAAyCw From: "Boyle Owen" To: X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Subject: RE: [users@httpd] ask loggin everytime u open the page >From: J. Greenlees [mailto:jaqui@shaw.ca] > >... use no-cache and the browser can't keep anything... Want to bet about that? The browser is its own master and can do what it = likes. A well-behaved browser might choose to obey these meta tags but = there is no fundamental law of the universe forcing it to :-) In any case, the username/password pair is passed as a base64-encoded = argument to the Authorization header in the request. I'm not sure that = this is cached by the same mechanism that caches HTML content so even if = the browser obeyed the no-cache hint, I doubt it would not cache the = username/password pair. Finally, even if you succeeded, it would mean that every request in the = protected area would require the user to type in a username and password = - i.e. every new page you loaded and all the images etc... That'd be = rather a Pyrrhic victory, I'd imagine. Rgds, Owen Boyle =20 > >Boyle Owen wrote: > >>Remarkably, another user asked a similar question yesterday=20 >(answer at:=20 >http://marc.theaimsgroup.com/?l=3Dapache-httpd-users&m=3D1030448455 >17207&w=3D2). >> >>Basically, this behaviour is controlled by the browser which=20 >caches the username/password. You can't force it to forget it... >> >>Rgds, >> >>Owen Boyle >> >>>-----Original Message----- >>>From: Raphael KONG [mailto:rkong@saint-etienne.sema.slb.com] >>>Sent: Mittwoch, 28. August 2002 14:36 >>>To: users@httpd.apache.org >>>Subject: [users@httpd] ask loggin everytime u open the page >>> >>> >>>lo ! >>> >>>I'm new here and for my first question : >>> >>>I use the mod "mod_auth_ldap" to limit access to a=20 >directory. You can=20 >>>access only if you have an account in my ldap server. It works=20 >>>well. But=20 >>>here if I log in, the authentification is valid until I close IE or=20 >>>Netscape. I would like to ask loggin/password every time a=20 >>>user try to open=20 >>>the index page without closing the browser. >>> >>>Is there a solution ? >>> >>>I hope it clear for you ! >>> >>>Thx for your help ! >>> >>>Raphael.=20 >>> >>> >>>--------------------------------------------------------------------- >>>The official User-To-User support forum of the Apache HTTP=20 >>>Server Project. >>>See for more info. >>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org >>> " from the digest: users-digest-unsubscribe@httpd.apache.org >>>For additional commands, e-mail: users-help@httpd.apache.org >>> >>> >> >>--------------------------------------------------------------------- >>The official User-To-User support forum of the Apache HTTP=20 >Server Project. >>See for more info. >>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org >> " from the digest: users-digest-unsubscribe@httpd.apache.org >>For additional commands, e-mail: users-help@httpd.apache.org >> >> > > > > >--------------------------------------------------------------------- >The official User-To-User support forum of the Apache HTTP=20 >Server Project. >See for more info. >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > " from the digest: users-digest-unsubscribe@httpd.apache.org >For additional commands, e-mail: users-help@httpd.apache.org > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org