[927] in RedHat Linux List
Re: Apache 1.1.1 & Caching Passwds
daemon@ATHENA.MIT.EDU (Joe Block)
Fri Oct 25 13:08:32 1996
In-Reply-To:
<Pine.LNX.3.91.961025085537.22834C-100000@washington.patriot.net>
Date: Fri, 25 Oct 1996 12:16:13 -0400
To: redhat-list@redhat.com
From: Joe Block <jpb@miamisci.org>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
At 9:00 AM -0400 10/25/96, Steve \"Stevers!\" Coile wrote:
>On Thu, 24 Oct 1996, Bryan C. Andregg wrote:
>>I am looking for a way to set the amount of time that the server will
>>allow a client to connect to a restricted area before requesting the
>>password again. The setup I need is:
>>
>>1. client connects to passwd restricted web-page.
>>2. server queries for password and approves
>>3. If client is idle for more than 1 minute, the server requests the
>>passwd again.
>>
>>Is this possible? It would greatlt promote Linux over NT where I work
>>if so.
>
>It's most certainly possible, but it's not part of standard Apache
>(to my knowledge). George Mason University, where I used to work, had
>a similiar requirement. We developed a CGI-level software suite that
>handled authentication and authentication expiration. You're probably
>going to have to either that, write (or modify) an (existing) Apache
>module, or modify Apache itself.
You could do this with cookies - when you authenticate, send a cookie with
an expiration date 1 minute in the future. Write a cgi that requests the
cookie before sending the html page, and if it gets the cookie, sends
another one with another 1 minute expiration.
Won't work with browsers that don't support cookies, though.
Joe Block <jpb@miamisci.org>
"That's our advantage at Microsoft; we set the standards and we can change
them."
-- Karen Hargrove, Microsoft (quoted in the Feb 1993 Unix Review editorial)
--
PLEASE read the Red Hat FAQ, Tips, HOWTO and the MAILING LIST ARCHIVES!
________________________________________________________________________
http://www.redhat.com/RedHat-FAQ http://www.redhat.com/RedHat-HOWTO
http://www.redhat.com/RedHat-Tips http://www.redhat.com/mailing-lists
------------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe redhat-list-request@redhat.com < /dev/null
