Cees Hek wrote: > So instead of storing a y/n in the database, store a unique string that is > used as the realm, and clear it when they log out. Now everytime you send > the Authenitication required header, send the unique realm for this user > that you stored in the database, and if it doesn't exist, generate a new > one. Good one! The only bad thing I see is that the realm is visible in the dialog box the user see, isn't it? Seeing a random string might be a bit unsettling for the user, but there is no technical reason for it not to work. -- Pierre Phaneuf Systems Exorcist
- Authentication handlers Kiran Kumar.M
- Re: Authentication handlers Paul J. Lucas
- Re: Authentication handlers Pierre Phaneuf
- Re: Authentication handlers Paul J. Lucas
- Re: Authentication handlers Bill Moseley
- Re: Authentication handlers Pierre Phaneuf
- Re: Authentication handlers Bill Moseley
- Re: Authentication handlers Cees Hek
- Re: Authentication handlers Pierre Phaneuf
- Re: Authentication handlers Sisyphus
- Re: Authentication handlers Erdmut Pfeifer
- Re: Authentication handlers Cees Hek
- push_handlers question Mike Cameron
- Re: Authentication handlers Daryl Campbell
- Re: Authentication handlers Cees Hek