[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-users
Subject:    Re: [users@httpd] Does mod_auth_digest not determine session expiration?
From:       Ben Reser <ben () reser ! org>
Date:       2013-12-23 5:05:55
Message-ID: 52B7C4B3.5050504 () reser ! org
[Download RAW message or body]

On 12/22/13, 3:13 PM, Allasso Travesser wrote:
> Thank you, Ben, very informative.  So I get from this that unmodified, \
> mod_auth_digest behaves as I said, though it could be modified to force the browser \
> to do a prompt.

Yes, sorry if I wasn't very clear about that.

> I note that in any case though, the module has no knowledge of what the user is \
> doing with the browser, such as shut-down/restart, and there is no standard which \
> requires the browser to send such information to the server.

Correct.  As far as I know the RFC I linked to is the only RFC that talks about
Digest authentication.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]