[2909] in WWW Security List Archive
RE: page security
daemon@ATHENA.MIT.EDU (Uday Bikkasani)
Tue Sep 10 09:40:34 1996
From: Uday Bikkasani <bikkasan@ag-data.com>
To: "www-security@ns2.rutgers.edu" <www-security@ns2.rutgers.edu>,
"'Thomas L. Hobika'" <hobika@kodak.com>
Date: Tue, 10 Sep 1996 08:06:42 -0400
Errors-To: owner-www-security@ns2.rutgers.edu
<META HTTP-EQUIV="Expires" CONTENT="Sun, 01 SEP 1996 21:29:02 GMT">
the above tag can be used and make sure that your expiry date has already passed.
uday
----------
From: Thomas L. Hobika
Sent: Monday, September 09, 1996 4:49 PM
To: www-security@ns2.rutgers.edu
Subject: page security
Hello,
I recently posted regarding page security. I had asked if there was a
way to force a user to authenticate before getting access to a page or
server. I have been able to implement this via password protection and
www_acl lists, however, I am having problems with preventing the
authenticated pages from being cached. This caching of the pages is
causing concern .. I have been told of a "Pragma: no-cache" and recently
read something to the affect that including an "Expire" tag dated with
an earlier date to force the page to be refreshed or not be cached. Is
this true ? If so, how do you implement the above tags ? I would be
interested in seeing some examples if someone could please provide them.
Any help would be grealty appreciated .. thanks in advance ...
-- Tom
Thomas L. Hobika
Systems Administration
Broad Technologies Platform Center
Eastman Kodak Company
Rochester, N.Y. 14653-5811
work: 716.726.3391
internet: hobika@kodak.com
