I'm working on the Apache::AuthExpire module. Considering the
difficulties of getting two browsers to behave the same way,
I was thinking that I should probably implement a login page,
once the initial authentication phase is finished. Basically,
user logs in, then if no timestamp is available (stored in a file),
then the initial login also starts the timer. If a timestamp is
available, and the user is idle for more than 15 minutes, the user
is greeted with an html page asking for password again.
My question is this: should I implement this as an authen handler,
which it is now, or as an authz handler, which I think would give me more
flexibility.
Also, how do I get something renamed or reclassified, if I decide
that I should move it from the Authen phase to the Authz phase?
Thanks,
JJ
--
J. J. Horner
"H*","6d6174686c696e40326a6e6574776f726b732e636f6d"
***************************************************
"H*","6a6a686f726e65724062656c6c736f7574682e6e6574"
Freedom is an all-or-nothing proposition: either we
are completely free, or we are subjects of a
tyrannical system. If we lose one freedom in a
thousand, we become completely subjugated.
PGP signature
