> far, but when the users session times out, we want to require them to > log in again. How do I either scrub the header or force Apache to resend > the login request?
I'm not sure that I'm offering the right reply, but when you're writing authentication handlers, you use $r->note_basic_auth_failure; $r->log_reason( "Your session has timed out. Please re-enter login." ); return AUTH_REQUIRED; Grant M.
