John, yes they use .htaccess. This confirms what I was coming to realize. Thanks,
Mike ----- Original Message ----- From: "John Nichel" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, July 21, 2003 11:42 AM Subject: Re: Session Timeout for Apache? > Mike McMullen wrote: > > Subject: Re: Session Timeout for Apache? > > > > > > > >>At 01:59 PM 7/21/03, Mike McMullen wrote: > >> > Does anyone know of a utility or code that will > >> > time-out a web session with Apache? > >> > >> > >>in httpd.conf (default is 5 minutes): > >> > >># > >># Timeout: The number of seconds before receives and sends time out. > >># > >> > >>Timeout 300 > >> > > > > > > Please forgive my ignorance on this but looking at the documentation now > > for timeout I'm not certain this addresses what I want to do. > > > > I have users who access their information via certain CGI in their > > public_html/bin directories of the home directories. > > > > When they access their CGI and files they are prompted for their username > > and password via the pop-up window. > > > > What I would like to have happen is after say 30 minutes of inactivity, if > > someone tries to click a button or run a CGI, they get prompted with the > > pop-up login window of Apaches. > > > > Does Timeout address that? > > > > Sorry if this is "intuitively obvious", > > > > Mike > > Using .htaccess to protect the directory? > > http://httpd.apache.org/docs/howto/auth.html#basicfaq > "How do I log out? > > Since browsers first started implementing basic authentication, website > administrators have wanted to know how to let the user log out. Since > the browser caches the username and password with the authentication > realm, as described earlier in this tutorial, this is not a function of > the server configuration, but is a question of getting the browser to > forget the credential information, so that the next time the resource is > requested, the username and password must be supplied again. There are > numerous situations in which this is desirable, such as when using a > browser in a public location, and not wishing to leave the browser > logged in, so that the next person can get into your bank account. > > However, although this is perhaps the most frequently asked question > about basic authentication, thus far none of the major browser > manufacturers have seen this as being a desirable feature to put into > their products. > > Consequently, the answer to this question is, you can't. Sorry." > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list