Re: authenticate_ttl not working?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 24 Sep 1999 21:30:11 +0200

Dave J Woolley wrote:

> Any such expiry can only be implemented by the browser.

Only partially true.

The proxy can cause the browser to show a logon dialog after a given
period of time. Problem is that it cannot distinguish if the user really
reenters the password or if they simply cancel the login dialog and
retries the request with their browser cached credentials. Some versions
of the browsers flush the authentication credentials when this happen,
and then the user is trulu required to reauthenticate, but not all
browsers do this.

--
Henrik Nordstrom
Spare time Squid hacker
Received on Fri Sep 24 1999 - 14:24:45 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:33 MST