www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: mod_auth-any/2439: NonCached Name/Pwd's
Date Tue, 23 Jun 1998 17:10:01 GMT
The following reply was made to PR mod_auth-any/2439; it has been noted by GNATS.

From: Marc Slemko <marcs@znep.com>
To: Randy Jae Weinstein <rw263@is7.nyu.edu>
Cc: Apache bugs database <apbugs@apache.org>
Subject: Re: mod_auth-any/2439: NonCached Name/Pwd's
Date: Tue, 23 Jun 1998 09:55:18 -0700 (PDT)

 On Tue, 23 Jun 1998, Randy Jae Weinstein wrote:
 
 > Marc --
 > 
 > According to:
 > 	www.apache.org/perl/dist/apache-modlist.html
 > 
 > there is a AuthExpire (Expire Basic auth credentials) by DougM
 > and on...
 
 Except that if you look you will notice that it doesn't exist yet.
 
 You can expire basic auth credentials on the server, but that means that
 they are never ever valid for the client again.  So if you want to give
 someone access to a site for two days, that works.  If you want to give
 them access forever, but timeout if they don't access the site for x
 minutes, it doesn't. 
 
 > 
 > 	www.perl.com/CPAN-local/modules/by-module/
 > 			        Apache/Apache-AuthenCache-0.01.readme
 > 
 > there is a PerSetaVar AuthenCache_cache_time which will also expire
 > euthentication name/pwds.  Since I can't seem to locate the earlier of the
 
 That has nothing to do with expiring them by making them invalid, that is
 strictly expiring them from the cache.
 
 > two I emailed the author about it.  However.... You claim you can't expire
 > authentication info as this is a client feature not one of the server.
 
 I said that because it is the case.  There are hacks you can do to work
 around it somewhat, but they have no place in Apache and don't work well.
 
 > Then I'm confused as to how the above work?  Why can't THIS be included in
 > Apache??  HELP!!!!!!!
 > 
 > > Synopsis: NonCached Name/Pwd's
 > > 
 > > State-Changed-From-To: open-closed
 > > State-Changed-By: marc
 > > State-Changed-When: Sat Jun 13 22:26:17 PDT 1998
 > > State-Changed-Why:
 > > There is no way Apache can tell the client not to cache
 > > the information.
 > 
 >                                                    Cheers,
 >  =|  __  __    T    |                              Randy Jae
 >  =| | .\/. |   O  M |
 >   *--\ \/ /--* O  A |                                 Lehigh University
 >   |  / __ \    T  N |  Randy Jae Weinstein        NYU College of Dentistry
 >   | |_|  |_|   H    |  rw263@is7.NYU.EDU
 > --==>> http://Pages.NYU.EDU/~rw263/
 > 
 

Mime
View raw message