Spidaman The Defenestrator wrote: > > The point that should be taken is that if one must use a cookie for auth, > expire it early and often. What would _really_ be nice is if there were > a javascript or ecmascribble or whatever it's called object that can _set_ > or _unset_ the auth request headers so one _could_ do a form driven > authentication that used HTTP standards (basic and digest authentication). In that case wouldn't you be trusting the user-agent to respect the unset command? -jwb
- authentication via login form Eugene Sotirescu
- Re: authentication via login form Jeffrey W. Baker
- Re: authentication via login form Randal L. Schwartz
- Re: authentication via login form Spidaman The Defenestrator
- Re: authentication via login f... Gunther Birznieks
- Re: authentication via lo... Andrew McNaughton
- Re: authentication vi... Jeffrey W. Baker
- Re: authenticatio... J. Robert von Behren
- Re: authentication via login f... Jeffrey W. Baker
- Re: authentication via login form Jeffrey W. Baker
- Re: authentication via login f... Randal L. Schwartz
- Re: authentication via login form Ajit Deshpande
- Re: authentication via login f... Eugene Sotirescu
- Re: authentication via lo... John D Groenveld
- Re: authentication vi... Randal L. Schwartz
- Re: authenticatio... Jamie O'Shaughnessy
- Re: authenticatio... Dave Hodgkinson
- Re: authenticatio... Michael Peppler
- Re: authenticatio... Dave Hodgkinson