Paul M Fleming wrote:
Timing out the passwords is simple ( I think ) I would store the timeAlso, if the authentication against the cached entry fails it should be refreshed and tried against the new one, so that if the user changes their password the caching is transparent.
when the entry is added and force a reauth if the password has been
cached longer than a timeout (for example one hour ). That forces a
reauth at least every timeout period of time. If an entry isn't in the
cache (or if it is different the entry would be removed and ) a reauth
would be forced. Every successfull auth would be added to the cache.
--
John A. Tamplin Unix System Administrator
Emory University, School of Public Health +1 404/727-9931