[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-users
Subject: Re: [users@httpd] Does mod_auth_digest not determine session expiration?
From: Ben Reser <ben () reser ! org>
Date: 2013-12-23 5:05:55
Message-ID: 52B7C4B3.5050504 () reser ! org
[Download RAW message or body]
On 12/22/13, 3:13 PM, Allasso Travesser wrote:
> Thank you, Ben, very informative. So I get from this that unmodified, \
> mod_auth_digest behaves as I said, though it could be modified to force the browser \
> to do a prompt.
Yes, sorry if I wasn't very clear about that.
> I note that in any case though, the module has no knowledge of what the user is \
> doing with the browser, such as shut-down/restart, and there is no standard which \
> requires the browser to send such information to the server.
Correct. As far as I know the RFC I linked to is the only RFC that talks about
Digest authentication.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic