What I'm doing is this:
Using DBI to store info for Apache::Session w/ cookies. I'm using MySQL and
added an additional field to the sessions table that contains a timestamp.
A couple of fields stored in session data are username and crypted passwd...
it's checked at critical points of the app
There has been considerable discussion about this in the past, check the archive.
Changing realm doesn't help, because the browser remembers passwords by realm.
You really do have to have session control.
[EMAIL PROTECTED] wrote:
> > >password as expected. It all works. However, my customer has
*lol* the ol' logout button. i went through that at work. what i
did finally was use a session cookie and destroyed (expired)
it. unless there was some way to set the remote_user env var.
At 10:20 AM 11/20/99 -0800, [EMAIL PROTECTED] wrote:
>> >password as expected. It all works. However, my c
At 10:20 AM 11/20/99 -0800, [EMAIL PROTECTED] wrote:
>> >password as expected. It all works. However, my customer has asked for
>> either a
>> >timeout, a [Logout] button, or both so that the browser basically
>> 'forgets' the
>> >user id. This would then remove the requirement for the user to clo
> >password as expected. It all works. However, my customer has asked for
> either a
> >timeout, a [Logout] button, or both so that the browser basically
> 'forgets' the
> >user id. This would then remove the requirement for the user to close down
> the
> >browser when they leave their system.
>
At 01:45 PM 11/19/99 -0500, [EMAIL PROTECTED] wrote:
>From: Dave Pfaltzgraff@PATAPSCO on 11/19/99 01:45 PM
>
>I'm fairly new at this and need a few pointers to possible resources.
>
>I've used Apache::AuthenDBI and thus require the user to enter a user name
and
>password as expected. It all works.
[EMAIL PROTECTED] wrote:
>I'm fairly new at this and need a few pointers to possible resources.
>
>I've used Apache::AuthenDBI and thus require the user to enter a user name and
>password as expected. It all works. However, my customer has asked for either
a
>timeout, a [Logout] button, or both s
From: Dave Pfaltzgraff@PATAPSCO on 11/19/99 01:45 PM
I'm fairly new at this and need a few pointers to possible resources.
I've used Apache::AuthenDBI and thus require the user to enter a user name and
password as expected. It all works. However, my customer has asked for either a
timeout, a