On Mon, 2003-07-21 at 14:42, John Nichel wrote:
> Since > the browser caches the username and password with the authentication > realm, as described earlier in this tutorial, this is not a function of > the server configuration, but is a question of getting the browser to > forget the credential information, so that the next time the resource is > requested, the username and password must be supplied again. There are > numerous situations in which this is desirable, such as when using a > browser in a public location, and not wishing to leave the browser > logged in, so that the next person can get into your bank account.
I do this all the time (as do a lot of web based services) by authenticating using PHP scripts. You can have sessions in PHP that time out after a period of inactivity and if someone else tries to use the page they will have to re-enter the username and password. You can allow access to other resources only through the script, though that may not be possible with some services.
I've done this also. In this case, I also include META "refresh" tags on all pages to "refresh" the client page, but the "refresh" actually presents a "you have been logged out" page, just the same as if the user had clicked the "logout" option of my menu system.
Frank
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
