httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Reser <>
Subject Re: [users@httpd] Does mod_auth_digest not determine session expiration?
Date Mon, 23 Dec 2013 05:05:55 GMT
On 12/22/13, 3:13 PM, Allasso Travesser wrote:
> Thank you, Ben, very informative.  So I get from this that unmodified, mod_auth_digest
behaves as I said, though it could be modified to force the browser to do a prompt.

Yes, sorry if I wasn't very clear about that.

> I note that in any case though, the module has no knowledge of what the user is doing
with the browser, such as shut-down/restart, and there is no standard which requires the browser
to send such information to the server.

Correct.  As far as I know the RFC I linked to is the only RFC that talks about
Digest authentication.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message