authentication requirement will
fail, so this is not a solution to preventing session refresh (unless
applied to a resource which doesn't require authentication.)
On Mon, Jan 20, 2014 at 10:49 AM, Erik Pearson wrote:
> Okay, I take that back. Call me an Apache idiot.
> The SessionExclude direct
ug in mod_session regarding the application of
SessionExclude unless there were also SessionIncludes. I'll pursue this as
bug report.
On Mon, Jan 20, 2014 at 8:10 AM, Erik Pearson wrote:
> Well, it looks like I've just answered one of my questions. The
> "SessionExclude" d
My testing shows that when SessionExclude is in effect, the mod_auth_form
does indeed still see the session -- session crypto even works -- on a url
that is excluded via SessionExclude -- and the expiry is not updated.
On Mon, Jan 20, 2014 at 7:23 AM, Erik Pearson wrote:
> Greetings Apache httpd commun
ay well around httpd module phases. I'm
hoping someone with experience in this area can help set me straight.
On Thu, Jan 16, 2014 at 10:54 AM, Erik Pearson wrote:
> Hi,
> I've just started using Apache sessions in 2.4.7, in combination with
> mod_auth_form. It is working g
y exists for the
>>> 2.4 branch, not even an old version.
>>>
>>> Taken together, these findings make me think that Windows binary
>>> releases may have ceased formally some time after the release of 2.2.25.
>>>
>>> If that's correct, can anyone point me to information about the specific
>>> configuration settings and build environment used for the 2.2.25 release?
>>> If I'm to build from source, I'd like to replicate the build as accurately
>>> as possible.
>>>
>>> Thanks in advance for any clarity.
>>>
>>>
>>
>
>
> --
> Born in Roswell... married an alien...
> http://emptyhammock.com/
>
--
Erik Pearson
Adaptations
;; web form and function
Hi,
I've just started using Apache sessions in 2.4.7, in combination with
mod_auth_form. It is working great. It is fronting a web app running under
SCGI and that part is working fine as well.
On a page that is protected by authentication I have ajax calls to urls
that are also under authentication