On Tue, 25 Aug 1998, Marc Slemko wrote: > This is one of the situations where cookies are actually one of the better > solutions. HTTP authentication is even better, but many people dislike it > because they can't control the login prompt and due to how it can be > cached by the client. Well, when I set up a webmail thing on my machine using HTTP Basic authentication, I created a special page (logout.html) which simply returned a "not authorized" response for the webmail realm, no matter what the request was. This would pop up another username/password prompt, which the user could cancel. After that -- at least with Netscape -- they would have to re-enter their username and password before accessing anything that required authentication. I'm not clear that this behavior is required by the standard. Kragen -- <kragenat_private> Kragen Sitaker <http://www.pobox.com/~kragen/> We are forming cells within a global brain and we are excited that we might start to think collectively. What becomes of us still hangs crucially on how we think individually. -- Tim Berners-Lee, inventor of the Web
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:31 PDT